coder

mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00

Author	SHA1	Message	Date
dependabot[bot]	edd5d83280	ci: bump the github-actions group with 12 updates (#24558 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lukasz <CommanderK5@users.noreply.github.com> Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>	2026-04-23 10:31:55 +05:00
Atif Ali	d0c9571f62	ci: add build provenance attestation for release binaries (#24345 )	2026-04-15 17:44:25 +05:00
Garrett Delfosse	48bc215f20	chore: tag RCs on main, cut release branch only for releases (#24001 ) RC tags are now created directly on `main`. The `release/X.Y` branch is only cut when the actual release is ready. This eliminates the need to cherry-pick hundreds of commits from main onto the release branch between the first RC and the release. ## Workflow ``` main: ──●──●──●──●──●──●──●──●──●── ↑ ↑ ↑ rc.0 rc.1 cut release/2.34, tag v2.34.0 \ release/2.34: ──●── v2.34.1 (patch) ``` 1. RC: On `main`, run `./scripts/release.sh`. The tool detects main (or a detached HEAD reachable from main), prompts for the commit SHA to tag, suggests the next RC version, and tags it. 2. Release: When the RC is blessed, create `release/X.Y` from `main` (or the specific RC commit). Switch to that branch and run `./scripts/release.sh`, which suggests `vX.Y.0`. 3. Patch: Cherry-pick fixes onto `release/X.Y` and run `./scripts/release.sh` from that branch. ## Changes ### `scripts/releaser/release.go` - Two modes based on branch: - `main` (or detached HEAD from main) — RC tagging. Prompts for the commit SHA to tag (defaults to HEAD). Always checks out the target commit so the flow operates in detached HEAD. Suggests the next RC based on existing RC tags. - `release/X.Y` — Release/patch mode. Suggests `vX.Y.0` if the latest tag is an RC, or the next patch otherwise. - Detached HEAD support: if `git branch --show-current` is empty, checks whether HEAD is an ancestor of `origin/main` and enters RC mode automatically. - Commit selection prompt in RC mode: shows current commit, lets the user confirm or provide a different SHA. - Warns if you try to tag a non-RC on main, or an RC on a release branch. - Skips open-PR check and branch sync check in RC mode (not useful on main). ### `scripts/releaser/main.go` - Updated help text. ### `.github/workflows/release.yaml` - RC tags (`-rc.`): skip the release-branch validation (they live on main). - Non-RC tags: still require the corresponding `release/X.Y` branch. ### `docs/about/contributing/CONTRIBUTING.md` - Rewrote the Releases section with the new workflow, release types table, and ASCII diagram. - Replaced the old "Creating a release" / "Creating a release (via workflow dispatch)" subsections. <details><summary>Decision log</summary> ### Why this approach? Previously, cutting a release branch early for an RC meant cherry-picking all of main's progress onto that branch before the actual release — often hundreds of commits. This approach avoids that entirely: RCs are just tagged snapshots of main, and the release branch only exists once you need it for stabilization and backports. ### Files NOT changed - `scripts/release/publish.sh` — `--rc` flag controls GitHub prerelease marking (tag-level, not branch-level). `target_commitish` already defaults to `main` when the tag isn't on a release branch. - `scripts/release/tag_version.sh` — No RC-specific branch logic. - `scripts/releaser/version.go` — Version parsing/comparison unchanged. - `docs/install/releases/index.md` — Public-facing docs describe RC as a release channel with no branch-level detail. </details> > Generated by Coder Agents	2026-04-07 15:21:22 -04:00
dependabot[bot]	6c47e9ea23	ci: bump the github-actions group with 3 updates (#24085 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.16.0 to 2.16.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.16.1</h2> <h2>What's Changed</h2> <p>Enterprise tier: Added support for direct IP addresses in the allow list Community tier: Migrated Harden Runner telemetry to a new endpoint</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1">https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d"><code>fe10465</code></a> v2.16.1 (<a href="https://redirect.github.com/step-security/harden-runner/issues/654">#654</a>)</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594...fe104658747b27e96e4f7e80cd0a94068e53901d">compare view</a></li> </ul> </details> <br /> Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <p>The breaking change is requiring Node.js version v24 as the Actions runtime.</p> <h2>What's Changed</h2> <ul> <li>feat: Parse versions from metadata links by <a href="https://github.com/ppkarwasz"><code>@ppkarwasz</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/632">dependabot/fetch-metadata#632</a></li> <li>Upgrade actions core and actions github packages by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/649">dependabot/fetch-metadata#649</a></li> <li>docs: Add notes for using <code>alert-lookup</code> with App Token by <a href="https://github.com/sue445"><code>@sue445</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/656">dependabot/fetch-metadata#656</a></li> <li>feat!: update Node.js version to v24 by <a href="https://github.com/sturman"><code>@sturman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/671">dependabot/fetch-metadata#671</a></li> <li>Switch build tooling from ncc to esbuild by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/676">dependabot/fetch-metadata#676</a></li> <li>Add --legal-comments=none to esbuild build commands by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/679">dependabot/fetch-metadata#679</a></li> <li>Bump tsconfig target from es2022 to es2024 by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/680">dependabot/fetch-metadata#680</a></li> <li>Remove vestigial outDir from tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/681">dependabot/fetch-metadata#681</a></li> <li>Switch tsconfig module resolution to bundler by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/682">dependabot/fetch-metadata#682</a></li> <li>Remove skipLibCheck from tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/683">dependabot/fetch-metadata#683</a></li> <li>Add typecheck step to CI by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/685">dependabot/fetch-metadata#685</a></li> <li>Enable noImplicitAny in tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/684">dependabot/fetch-metadata#684</a></li> <li>Upgrade <code>@actions/core</code> to ^3.0.0 by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/677">dependabot/fetch-metadata#677</a></li> <li>Upgrade <code>@actions/github</code> to ^9.0.0 and <code>@octokit/request-error</code> to ^7.1.0 by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/678">dependabot/fetch-metadata#678</a></li> <li>Bump qs from 6.14.0 to 6.14.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/651">dependabot/fetch-metadata#651</a></li> <li>Bump hono from 4.11.1 to 4.11.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/652">dependabot/fetch-metadata#652</a></li> <li>Bump hono from 4.11.4 to 4.11.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/653">dependabot/fetch-metadata#653</a></li> <li>Bump hono from 4.11.7 to 4.12.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/657">dependabot/fetch-metadata#657</a></li> <li>Bump qs from 6.14.1 to 6.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/655">dependabot/fetch-metadata#655</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.25.1 to 1.26.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/654">dependabot/fetch-metadata#654</a></li> <li>Bump <code>@hono/node-server</code> from 1.19.9 to 1.19.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/665">dependabot/fetch-metadata#665</a></li> <li>Bump hono from 4.12.2 to 4.12.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/664">dependabot/fetch-metadata#664</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/667">dependabot/fetch-metadata#667</a></li> <li>Bump hono from 4.12.5 to 4.12.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/668">dependabot/fetch-metadata#668</a></li> <li>Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/669">dependabot/fetch-metadata#669</a></li> <li>Bump flatted from 3.3.3 to 3.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/670">dependabot/fetch-metadata#670</a></li> <li>build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/674">dependabot/fetch-metadata#674</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ppkarwasz"><code>@ppkarwasz</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/632">dependabot/fetch-metadata#632</a></li> <li><a href="https://github.com/truggeri"><code>@truggeri</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/649">dependabot/fetch-metadata#649</a></li> <li><a href="https://github.com/sue445"><code>@sue445</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/656">dependabot/fetch-metadata#656</a></li> <li><a href="https://github.com/sturman"><code>@sturman</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/671">dependabot/fetch-metadata#671</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0">https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36"><code>ffa630c</code></a> v3.0.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/686">#686</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/ec8fff2ea0f40ccdbdcd1fea69759029f2990807"><code>ec8fff2</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/674">#674</a> from dependabot/dependabot/npm_and_yarn/picomatch-2.3.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/caf48bddf9ab5175bbd568425ea999bab03f1147"><code>caf48bd</code></a> build(deps-dev): bump picomatch from 2.3.1 to 2.3.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/13d82742f9de94226254782b8662a39878795272"><code>13d8274</code></a> Upgrade <code>@actions/github</code> to ^9.0.0 and <code>@octokit/request-error</code> to ^7.1.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/678">#678</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b60309944845001ba168d4947b0c43c4bc94be74"><code>b603099</code></a> Upgrade <code>@actions/core</code> from ^1.11.1 to ^3.0.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/677">#677</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/c5dc5b174070a3760ba36f0638aa6be896c4c7c9"><code>c5dc5b1</code></a> Enable noImplicitAny in tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/684">#684</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/a183f3c7985054f86eba6dd1ad07cde0067cc4f7"><code>a183f3c</code></a> Add typecheck step to CI (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/685">#685</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/5e175645c2bdda348d0b48d730d38c537356a153"><code>5e17564</code></a> Remove skipLibCheck from tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/683">#683</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/bb56eeb32acd8595e47fb3529ce5816589d912fe"><code>bb56eeb</code></a> Switch tsconfig module resolution to bundler (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/682">#682</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3632e3d8b773dac47f843a97c7536d0ce4e73de4"><code>3632e3d</code></a> Remove vestigial outDir from tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/681">#681</a>)</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/21025c705c08248db411dc16f3619e6b5f9ea21a...ffa630c65fa7e0ecfa0625b5ceda64399aea1b36">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.9 to 4.35.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.1</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>v4.35.0</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>v4.34.1</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>v4.34.0</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>v4.33.0</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>v4.32.6</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li> </ul> <h2>v4.32.5</h2> <ul> <li>Repositories owned by an organization can now set up the <code>github-codeql-disable-overlay</code> custom repository property to disable <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis for CodeQL</a>. First, create a custom repository property with the name <code>github-codeql-disable-overlay</code> and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to <code>true</code> to disable improved incremental analysis. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. This feature is not yet available on GitHub Enterprise Server. <a href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li> <li>Added an experimental change so that when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li> <li>The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. <a href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li> <li>Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. <a href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li> <li>Added an experimental change which lowers the minimum disk space requirement for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li> <li>Added an experimental change which allows the <code>start-proxy</code> action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li> <li>The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. <a href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>, <a href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li> </ul> <h2>v4.32.4</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li> <li>Added an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries are configured</a>. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. <a href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li> <li>When the CodeQL Action is run <a href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with debugging enabled in Default Setup</a> and <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries are configured</a>, the "Setup proxy for registries" step will output additional diagnostic information that can be used for troubleshooting. <a href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li> <li>Added a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li> <li>Added a setting which enables GitHub-managed workflows, such as Default Setup, to use a <a href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly CodeQL CLI release</a> instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li> </ul> <h2>v4.32.3</h2> <ul> <li>Added experimental support for testing connections to <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a>. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. <a href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> </ul> <h2>4.35.1 - 27 Mar 2026</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>4.35.0 - 27 Mar 2026</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>4.34.1 - 20 Mar 2026</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>4.34.0 - 20 Mar 2026</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>4.33.0 - 16 Mar 2026</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>4.32.6 - 05 Mar 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li> </ul> <h2>4.32.5 - 02 Mar 2026</h2> <ul> <li>Repositories owned by an organization can now set up the <code>github-codeql-disable-overlay</code> custom repository property to disable <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis for CodeQL</a>. First, create a custom repository property with the name <code>github-codeql-disable-overlay</code> and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to <code>true</code> to disable improved incremental analysis. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. This feature is not yet available on GitHub Enterprise Server. <a href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/c10b8064de6f491fea524254123dbe5e09572f13"><code>c10b806</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3782">#3782</a> from github/update-v4.35.1-d6d1743b8</li> <li><a href="https://github.com/github/codeql-action/commit/c5ffd0683786820677d054e3505e1c5bb4b8c227"><code>c5ffd06</code></a> Update changelog for v4.35.1</li> <li><a href="https://github.com/github/codeql-action/commit/d6d1743b8ec7ecd94f78ad1ce4cb3d8d2ba58001"><code>d6d1743</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3781">#3781</a> from github/henrymercer/update-git-minimum-version</li> <li><a href="https://github.com/github/codeql-action/commit/65d2efa7333ad65f97cc54be40f4cd18630f884c"><code>65d2efa</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/2437b20ab31021229573a66717323dd5c6ce9319"><code>2437b20</code></a> Update minimum git version for overlay to 2.36.0</li> <li><a href="https://github.com/github/codeql-action/commit/ea5f71947c021286c99f61cc426a10d715fe4434"><code>ea5f719</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3775">#3775</a> from github/dependabot/npm_and_yarn/node-forge-1.4.0</li> <li><a href="https://github.com/github/codeql-action/commit/45ceeea896ba2293e10982f871198d1950ee13d6"><code>45ceeea</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3777">#3777</a> from github/mergeback/v4.35.0-to-main-b8bb9f28</li> <li><a href="https://github.com/github/codeql-action/commit/24448c98434f429f901d27db7ddae55eec5cc1c4"><code>24448c9</code></a> Rebuild</li> <li><a href="https://github.com/github/codeql-action/commit/7c510606312e5c68ac8b27c009e5254f226f5dfa"><code>7c51060</code></a> Update changelog and version after v4.35.0</li> <li><a href="https://github.com/github/codeql-action/commit/b8bb9f28b8d3f992092362369c57161b755dea45"><code>b8bb9f2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3776">#3776</a> from github/update-v4.35.0-0078ad667</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...c10b8064de6f491fea524254123dbe5e09572f13">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-07 11:24:29 +00:00
Garrett Delfosse	be2e641162	feat: add release candidate (RC) support to release tooling (#23600 ) This adds full RC release support to the release scripts and GitHub Actions workflow. Previously, the tooling only supported stable and mainline releases with strict vMAJOR.MINOR.PATCH semver tags. Changes: - scripts/releaser/version.go: Add Pre field to version struct for prerelease suffixes (e.g. "rc.0"), update regex, parsing, String(), comparison methods, and add IsRC()/rcNumber() helpers. - scripts/releaser/release.go: Detect RC branches (release/X.Y-rc.N), suggest RC version numbers, auto-set "rc" channel (skipping stable/mainline prompt), add RC advisory to release notes, skip docs update for RC releases. - .github/workflows/release.yaml: Add "rc" channel option, fix branch derivation for RC tags (v2.32.0-rc.0 -> release/2.32-rc.0 instead of broken release/2.32.0-rc), skip homebrew/winget/package publishing for RC releases. - scripts/release/publish.sh: Add --rc flag, pass --prerelease to gh release create for RC releases. - scripts/releaser/version_test.go: Add comprehensive unit tests for version parsing, string formatting, IsRC, rcNumber, GreaterThan, and Equal with RC versions. <!-- If you have used AI to produce some or all of this PR, please ensure you have read our [AI Contribution guidelines](https://coder.com/docs/about/contributing/AI_CONTRIBUTING) before submitting. -->	2026-04-01 16:00:49 -04:00
Atif Ali	53a1b6d67e	ci: fix Linear release tracking and move complete step to release workflow (#23771 )	2026-04-01 19:35:16 +05:00
Atif Ali	56171306ff	ci: fix SLSA predicate schema in attestation steps (#23768 ) Follow-up to #23763. The custom predicate uses the SLSA v0.2 schema (`invocation`, `configSource`, `metadata`) but declares `predicate-type` as v1. GitHub's attestation API rejects the mismatch: ``` Error: Failed to persist attestation: Invalid Argument - predicate is not of type slsa1.ProvenancePredicate ``` This was masked before #23763 because the steps failed earlier on missing `subject-digest`. Now that digests are provided, this is the next error. ## Fix Remove the custom `predicate-type` and `predicate` inputs. Without them, `actions/attest@v4` auto-generates a correct SLSA v1 predicate from the GitHub Actions OIDC token — which is what `gh attestation verify` expects. - `ci.yaml`: 3 attestation steps (main, latest, version-specific) - `release.yaml`: 3 attestation steps (base, main, latest) <details> <summary>Verification (source code trace of actions/attest@v4)</summary> 1. `detect.ts`: No `predicate-type`/`predicate` → returns `'provenance'` (not `'custom'`) 2. `main.ts`: `getPredicateForType('provenance')` → `generateProvenancePredicate()` 3. `@actions/toolkit/.../provenance.ts`: `buildSLSAProvenancePredicate()` fetches OIDC claims, builds correct v1 predicate with `buildDefinition`/`runDetails` </details> > 🤖 This PR was created with the help of Coder Agents, and needs a human review. 🧑💻	2026-03-30 15:07:13 +05:00
Atif Ali	bc5e4b5d54	ci: fix broken GitHub attestations and update SBOM tooling (#23763 ) ## Problem GitHub SLSA provenance attestations have been silently failing on every release since they were introduced. Confirmed across all 10+ release runs checked (v2.29.2 through v2.31.6). The `actions/attest` action requires `subject-digest` (a `sha256:...` hash) to identify the artifact being attested, but the workflow only provided `subject-name` (the image tag like `ghcr.io/coder/coder:v2.31.6`). This caused every attestation step to error with: ``` Error: One of subject-path, subject-digest, or subject-checksums must be provided ``` The failures were masked by `continue-on-error: true` and only surfaced as `##[warning]` annotations that nobody noticed. Enterprise customers doing `gh attestation verify` would find no provenance records for any of our Docker images. > [!NOTE] > The cosign SBOM attestation (separate step) has been working correctly the entire time — it uses a different mechanism (`cosign attest --type spdxjson`) that does not require the same inputs. This fix is specifically for the GitHub-native SLSA provenance attestations. ## Fix Add `subject-digest` to all `actions/attest` steps (release.yaml + ci.yaml): - Base image: capture digest from `depot/build-push-action` output - Main image: resolve digest via `docker buildx imagetools inspect --raw` after push - Latest image: same approach - Use `subject-name` without tag per the [actions/attest docs](https://github.com/actions/attest#container-image) Update `anchore/sbom-action` from v0.18.0 to v0.24.0 (node24 support, ahead of the [June 2 deadline](https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/)). All changes remain non-blocking for the release process (`continue-on-error: true` preserved). > 🤖 This PR was created with the help of Coder Agents, and is reviewed by a human.	2026-03-30 13:15:13 +05:00
Cian Johnston	fb5c3b5800	ci: restore depot runners (#23611 ) This commit reverts the previous changes to CI jobs affected by disk space issues on depot runners.	2026-03-25 16:08:11 +00:00
Cian Johnston	32acc73047	ci: bump runner sizes (#23514 ) Bumps the runners changed in `5544a60b6e` to larger sizes.	2026-03-24 18:38:03 +00:00
Cian Johnston	5544a60b6e	ci: yeet depot runners in favour of GitHub runners (#23508 ) Depot runners are running out of disk space and blocking builds. Temporarily switch the build and release jobs from depot runners to GitHub-hosted runners: - `ci.yaml` build job: `depot-ubuntu-22.04-8` → `ubuntu-latest` - `release.yaml` check-perms + release jobs: `depot-ubuntu-22.04-8` → `ubuntu-latest` This is intended to be reverted once depot resolves their disk space issues. > 🤖 This PR was created with the help of Coder Agents, and will be reviewed by my human. 🧑‍💻	2026-03-24 17:19:38 +00:00
Cian Johnston	cbd56d33d4	ci: disable go cache for build jobs to prevent disk space exhaustion (#23484 ) Disables Go cache for the setup-go step to workaround depot runner disk space issues.	2026-03-24 11:17:39 +00:00
dependabot[bot]	abd7b7aeba	ci: bump the github-actions group across 1 directory with 9 updates (#23345 ) Bumps the github-actions group with 10 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.40.0` \| `1.44.0` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `6.0.0` \| `7.0.0` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.7.0` \| `4.0.0` \| \| [actions/attest](https://github.com/actions/attest) \| `3.2.0` \| `4.1.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `47.0.1` \| `47.0.5` \| \| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) \| `3.12.0` \| `4.0.0` \| \| [linear/linear-release-action](https://github.com/linear/linear-release-action) \| `0.4.0` \| `0.5.0` \| \| [benc-uk/workflow-dispatch](https://github.com/benc-uk/workflow-dispatch) \| `1.2.4` \| `1.3.1` \| \| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) \| `c1824fd6edce30d7ab345a9989de00bbd46ef284` \| `57a97c7e7821a5776cebc9bb87c984fa69cba8f1` \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| Updates `crate-ci/typos` from 1.40.0 to 1.44.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.44.0</h2> <h2>[1.44.0] - 2026-02-27</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1488">February 2026</a> changes</li> </ul> <h2>v1.43.5</h2> <h2>[1.43.5] - 2026-02-16</h2> <h3>Fixes</h3> <ul> <li><em>(pypi)</em> Hopefully fix the sdist build</li> </ul> <h2>v1.43.4</h2> <h2>[1.43.4] - 2026-02-09</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>pincher</code></li> </ul> <h2>v1.43.3</h2> <h2>[1.43.3] - 2026-02-06</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Adjust how typos are reported to github</li> </ul> <h2>v1.43.2</h2> <h2>[1.43.2] - 2026-02-05</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>certifi</code> in Python</li> </ul> <h2>v1.43.1</h2> <h2>[1.43.1] - 2026-02-03</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>consts</code></li> </ul> <h2>v1.43.0</h2> <h2>[1.43.0] - 2026-02-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1453">January 2026</a> changes</li> </ul> <h2>v1.42.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.44.0] - 2026-02-27</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1488">February 2026</a> changes</li> </ul> <h2>[1.43.5] - 2026-02-16</h2> <h3>Fixes</h3> <ul> <li><em>(pypi)</em> Hopefully fix the sdist build</li> </ul> <h2>[1.43.4] - 2026-02-09</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>pincher</code></li> </ul> <h2>[1.43.3] - 2026-02-06</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Adjust how typos are reported to github</li> </ul> <h2>[1.43.2] - 2026-02-05</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>certifi</code> in Python</li> </ul> <h2>[1.43.1] - 2026-02-03</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>consts</code></li> </ul> <h2>[1.43.0] - 2026-02-02</h2> <h3>Compatibility</h3> <ul> <li>Bumped MSRV to 1.91</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/631208b7aac2daa8b707f55e7331f9112b0e062d"><code>631208b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/3d3c6e376823e66c4f3e2583fc47b8be83b66d71"><code>3d3c6e3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/ba1f545443d223c6bc2c821dad76c210fa78b46f"><code>ba1f545</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/102f66c093f0eb1a69937d3d1c589d5f16c5569b"><code>102f66c</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1510">#1510</a> from epage/feb</li> <li><a href="https://github.com/crate-ci/typos/commit/d303c9398affd88fc562292a2ec9433a37817b28"><code>d303c93</code></a> feat(dict): February updates</li> <li><a href="https://github.com/crate-ci/typos/commit/30eea72e385d435c00a24eeba0d96f87048f42ec"><code>30eea72</code></a> chore(ci): Update pre-build binary workflow</li> <li><a href="https://github.com/crate-ci/typos/commit/57b11c6b7e54c402ccd9cda953f1072ec4f78e33"><code>57b11c6</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/105ced22a5a7fedc36cbef6e5dec31b708e9ec5b"><code>105ced2</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/4f89be7e4a7933f8d9693a9da7a9e9258a8671ba"><code>4f89be7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1504">#1504</a> from schnellerhase/bump-maturin</li> <li><a href="https://github.com/crate-ci/typos/commit/d8547ad9c141d0e2c568b2344f0804a446ff25ab"><code>d8547ad</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1503">#1503</a> from 1195343015/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/2d0ce569feab1f8752f1dde43cc2f2aa53236e06...631208b7aac2daa8b707f55e7331f9112b0e062d">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 What's new</h2> <h3>Direct Uploads</h3> <p>Adds support for uploading single files directly (unzipped). Callers can set the new <code>archive</code> parameter to <code>false</code> to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The <code>name</code> parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.</p> <h3>ESM</h3> <p>To support new versions of the <code>@actions/*</code> packages, we've upgraded the package to ESM.</p> <h2>What's Changed</h2> <ul> <li>Add proxy integration test by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> <li>Upgrade the module to ESM and bump dependencies by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li> <li>Support direct file uploads by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Link"><code>@Link</code></a>- made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"><code>bbbca2d</code></a> Support direct file uploads (<a href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296"><code>589182c</code></a> Upgrade the module to ESM and bump dependencies (<a href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5"><code>47309c9</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a> from actions/Link-/add-proxy-integration-tests</li> <li><a href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0"><code>02a8460</code></a> Add proxy integration test</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.7.0 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in <a href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a> <a href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/b45d80f862d83dbcd57f89517bcf500b2ab88fb2"><code>b45d80f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/929">#929</a> from crazy-max/node24</li> <li><a href="https://github.com/docker/login-action/commit/176cb9c12abea98dfe844071c0999ff6ee9688a7"><code>176cb9c</code></a> node 24 as default runtime</li> <li><a href="https://github.com/docker/login-action/commit/cad89843109a11cb6f69f52fe695c42cf69d57d3"><code>cad8984</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/920">#920</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/92cbcb231ed341e7dc71693351b21f5ba65f8349"><code>92cbcb2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/5a2d6a71bd3e0cb4abb6faae33f3dde61ece8e5b"><code>5a2d6a7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/44512b6b2e08b878e82b107b394fcd1af5748e63"><code>44512b6</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/928">#928</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/login-action/commit/28737a5e46bc0c62910ef429b2e55f9cabbbd5df"><code>28737a5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/dac079354afbd8db4c3b58b8cc6946573479b2a6"><code>dac0793</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.76.0 to 0.77.0</li> <li><a href="https://github.com/docker/login-action/commit/62029f315d6d05c8646343320e4a1552e5f1c77a"><code>62029f3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/919">#919</a> from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li> <li><a href="https://github.com/docker/login-action/commit/08c8f064bf22a1c55918ee608a81d87b13cc4461"><code>08c8f06</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.2.0 to 4.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v4.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/362">actions/attest#362</a></li> <li>Bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/365">actions/attest#365</a></li> <li>Add new <code>subject-version</code> input for inclusion in storage record by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/364">actions/attest#364</a></li> <li>Add storage record content to README by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/366">actions/attest#366</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v4.0.0...v4.1.0">https://github.com/actions/attest/compare/v4.0.0...v4.1.0</a></p> <h2>v4.0.0</h2> <p>All of the capabilities of <a href="https://github.com/actions/attest-build-provenance"><code>actions/attest-build-provenance</code></a>, and <a href="https://github.com/actions/attest-sbom"><code>actions/attest-sbom</code></a> have now been folded into <code>actions/attest</code>.</p> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/core</code> from 2.0.1 to 2.0.2 in the npm-production group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/323">actions/attest#323</a></li> <li>Bump tar from 7.4.3 to 7.5.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/333">actions/attest#333</a></li> <li>Bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/324">actions/attest#324</a></li> <li>Bump <code>@actions/attest</code> from 2.1.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/325">actions/attest#325</a></li> <li>Bump tar from 7.4.3 to 7.5.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/337">actions/attest#337</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/342">actions/attest#342</a></li> <li>Consolidate attestation actions by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/346">actions/attest#346</a></li> <li>ESM Conversion by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/347">actions/attest#347</a></li> <li>Test suite refactor by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/356">actions/attest#356</a></li> <li>Bump tar from 7.5.7 to 7.5.9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/354">actions/attest#354</a></li> <li>Bump version in package.json to v4.0.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/360">actions/attest#360</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.2.0...v4.0.0">https://github.com/actions/attest/compare/v3.2.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/59d89421af93a897026c735860bf21b6eb4f7b26"><code>59d8942</code></a> add storage record content to README (<a href="https://redirect.github.com/actions/attest/issues/366">#366</a>)</li> <li><a href="https://github.com/actions/attest/commit/ec072a1cb2a95a9fb38f16ee92f72e0270cbf263"><code>ec072a1</code></a> add new subject-version input (<a href="https://redirect.github.com/actions/attest/issues/364">#364</a>)</li> <li><a href="https://github.com/actions/attest/commit/8b290b8d865f4d5d2caca84a45d0de9620d2187a"><code>8b290b8</code></a> bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/365">#365</a>)</li> <li><a href="https://github.com/actions/attest/commit/35cfe2422ed5658cfc87b5cca7e50507f7d478da"><code>35cfe24</code></a> bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 (<a href="https://redirect.github.com/actions/attest/issues/362">#362</a>)</li> <li><a href="https://github.com/actions/attest/commit/c32b4b8b198b65d0bd9d63490e847ff7b53989d4"><code>c32b4b8</code></a> bump version in package.json to v4.0.0 (<a href="https://redirect.github.com/actions/attest/issues/360">#360</a>)</li> <li><a href="https://github.com/actions/attest/commit/1e73be196c8840af1fa1fbff376890066093a323"><code>1e73be1</code></a> Bump typescript-eslint in the npm-development group (<a href="https://redirect.github.com/actions/attest/issues/358">#358</a>)</li> <li><a href="https://github.com/actions/attest/commit/e1345cbec46c2ad797722d96bfa19e14e3548b70"><code>e1345cb</code></a> Bump the npm-development group across 1 directory with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/357">#357</a>)</li> <li><a href="https://github.com/actions/attest/commit/09cd5f66cb420c0389c6f725c641e08df274410e"><code>09cd5f6</code></a> Bump tar from 7.5.7 to 7.5.9 (<a href="https://redirect.github.com/actions/attest/issues/354">#354</a>)</li> <li><a href="https://github.com/actions/attest/commit/19ad753d23453c7b9e9caf8a907f1d9e08816359"><code>19ad753</code></a> test suite re-write (<a href="https://redirect.github.com/actions/attest/issues/356">#356</a>)</li> <li><a href="https://github.com/actions/attest/commit/7d7ff4475a8e98e172944ad0b6687ab116043a85"><code>7d7ff44</code></a> ESM Conversion (<a href="https://redirect.github.com/actions/attest/issues/347">#347</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d...59d89421af93a897026c735860bf21b6eb4f7b26">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 47.0.1 to 47.0.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v47.0.5</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v47.0.4 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2802">tj-actions/changed-files#2802</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2803">tj-actions/changed-files#2803</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2805">tj-actions/changed-files#2805</a></li> <li>chore(deps-dev): bump <code>@types/node</code> from 25.2.2 to 25.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2811">tj-actions/changed-files#2811</a></li> <li>chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2810">tj-actions/changed-files#2810</a></li> <li>chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2809">tj-actions/changed-files#2809</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2799">tj-actions/changed-files#2799</a></li> <li>chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2806">tj-actions/changed-files#2806</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2775">tj-actions/changed-files#2775</a></li> <li>chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2774">tj-actions/changed-files#2774</a></li> <li>chore(deps): bump lodash and <code>@types/lodash</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2807">tj-actions/changed-files#2807</a></li> <li>chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2764">tj-actions/changed-files#2764</a></li> <li>chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2815">tj-actions/changed-files#2815</a></li> <li>chore(deps-dev): bump <code>@types/node</code> from 25.3.2 to 25.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2814">tj-actions/changed-files#2814</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5</a></p> <h2>v47.0.4</h2> <h2>What's Changed</h2> <ul> <li>update: release-tagger action to version 6.0.6 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2801">tj-actions/changed-files#2801</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4</a></p> <h2>v47.0.3</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2790">tj-actions/changed-files#2790</a></li> <li>update: release-tagger action to version 6.0.0 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2800">tj-actions/changed-files#2800</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3</a></p> <h2>v47.0.2</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump eslint-plugin-jest from 29.2.1 to 29.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2751">tj-actions/changed-files#2751</a></li> <li>chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2741">tj-actions/changed-files#2741</a></li> <li>chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2743">tj-actions/changed-files#2743</a></li> <li>chore(deps): bump <code>@actions/core</code> from 2.0.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2757">tj-actions/changed-files#2757</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2768">tj-actions/changed-files#2768</a></li> <li>chore: update dist by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2769">tj-actions/changed-files#2769</a></li> <li>chore: update matrix-example.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2752">tj-actions/changed-files#2752</a></li> <li>feat: add support for excluding symlinks and fix bug with commit not found by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2770">tj-actions/changed-files#2770</a></li> <li>chore(deps): bump github/codeql-action from 4.31.7 to 4.31.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2761">tj-actions/changed-files#2761</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2771">tj-actions/changed-files#2771</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.11.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2756">tj-actions/changed-files#2756</a></li> <li>chore(deps-dev): bump <code>@types/lodash</code> from 4.17.21 to 4.17.23 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2759">tj-actions/changed-files#2759</a></li> <li>fix: Update test.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2781">tj-actions/changed-files#2781</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">47.0.5</a> - (2026-03-03)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2805">#2805</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/35dace0375d89e25e78db5f0a44127b61f4e5c20">35dace0</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2803">#2803</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/9ee99eb5bda5d6a67fedcd50ecd24fb10add2f41">9ee99eb</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 25.3.2 to 25.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>) (<a href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323">22103cc</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 4.32.4 to 4.32.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182">6c02e90</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>) (<a href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2">05f9457</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump lodash and <code>@types/lodash</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>) (<a href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401">52ed872</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>) (<a href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c">1cc5746</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump prettier from 3.7.4 to 3.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>) (<a href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a">de2962f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 4.32.2 to 4.32.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>) (<a href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15">37e96cc</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014">2180b0f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1">cf021c1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 7.0.0 to 8.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53">b54ac6f</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 25.2.2 to 25.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2811">#2811</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0f2a510bd7ac84bc12cdc52c2094298bc26b1692">0f2a510</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v47.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2802">#2802</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/b7ac303c8684d5e668c6c810e61a6fe32a53fe25">b7ac303</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">47.0.4</a> - (2026-02-17)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Release-tagger action to version 6.0.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2801">#2801</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7dee1b0c1557f278e5c7dc244927139d78c0e22a">7dee1b0</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">47.0.3</a> - (2026-02-17)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Release-tagger action to version 6.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2800">#2800</a>) (<a href="https://github.com/tj-actions/changed-files/commit/28b28f6e4e9e3d997beb9dce86cfd8cf0ce7c7f6">28b28f6</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump github/codeql-action from 4.31.10 to 4.32.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2790">#2790</a>) (<a href="https://github.com/tj-actions/changed-files/commit/875e6e5df8b8b00995fe6f0afd7ff1531ac1c47d">875e6e5</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323"><code>22103cc</code></a> chore(deps-dev): bump <code>@types/node</code> from 25.3.2 to 25.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182"><code>6c02e90</code></a> chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2"><code>05f9457</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401"><code>52ed872</code></a> chore(deps): bump lodash and <code>@types/lodash</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c"><code>1cc5746</code></a> chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a"><code>de2962f</code></a> chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15"><code>37e96cc</code></a> chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014"><code>2180b0f</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1"><code>cf021c1</code></a> chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53"><code>b54ac6f</code></a> chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/e0021407031f5be11a464abee9a0776171c79891...22103cc46bda19c2b464ffe86db46df6922fd323">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/483">docker/setup-buildx-action#483</a></li> <li>Remove deprecated inputs/outputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/464">docker/setup-buildx-action#464</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/481">docker/setup-buildx-action#481</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/475">docker/setup-buildx-action#475</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.79.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/482">docker/setup-buildx-action#482</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/485">docker/setup-buildx-action#485</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/452">docker/setup-buildx-action#452</a></li> <li>Bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/472">docker/setup-buildx-action#472</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/480">docker/setup-buildx-action#480</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0">https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd"><code>4d04d5d</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/485">#485</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/cd74e05d9bae4eeec789f90ba15dc6fb4b60ae5d"><code>cd74e05</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/eee38ec7b3ed034ee896d3e212e5d11c04562b84"><code>eee38ec</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.77.0 to 0.79.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/7a83f65b5a215b3c81b210dafdc20362bd2b4e24"><code>7a83f65</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/484">#484</a> from docker/dependabot/github_actions/docker/setup-qe...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a5aa96747d67f62520b42af91aeb306e7374b327"><code>a5aa967</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/464">#464</a> from crazy-max/rm-deprecated</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e73d53fa4ed86ff46faaf2b13a228d6e93c51af3"><code>e73d53f</code></a> build(deps): bump docker/setup-qemu-action from 3 to 4</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/28a438e9ed9ef7ae2ebd0bf839039005c9501312"><code>28a438e</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/483">#483</a> from crazy-max/node24</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/034e9d37dd436b56b0167bea5a11ab731413e8cf"><code>034e9d3</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/b4664d8fd0ba15ff14560ab001737c666076d5be"><code>b4664d8</code></a> remove deprecated inputs/outputs</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a8257dec35f244ad06b4ff6c90fdd2ba97f262ba"><code>a8257de</code></a> node 24 as default runtime</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd">compare view</a></li> </ul> </details> <br /> Updates `linear/linear-release-action` from 0.4.0 to 0.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/linear/linear-release-action/releases">linear/linear-release-action's releases</a>.</em></p> <blockquote> <h2>v0.5.0</h2> <h2>What's Changed</h2> <ul> <li>Documentation improvements by <a href="https://github.com/RomainCscn"><code>@RomainCscn</code></a> in <a href="https://redirect.github.com/linear/linear-release-action/pull/8">linear/linear-release-action#8</a></li> <li>Add support for release_version, same as the CLI by <a href="https://github.com/RomainCscn"><code>@RomainCscn</code></a> in <a href="https://redirect.github.com/linear/linear-release-action/pull/9">linear/linear-release-action#9</a></li> <li>Set CLI version default to latest</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0">https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/linear/linear-release-action/commit/5cbaabc187ceb63eee9d446e62e68e5c29a03ae8"><code>5cbaabc</code></a> Make latest the default cli version</li> <li><a href="https://github.com/linear/linear-release-action/commit/7fb27ceb7e17ef4353a87f85f4fc1e3d3416c057"><code>7fb27ce</code></a> Add support for release_version, same as the CLI (<a href="https://redirect.github.com/linear/linear-release-action/issues/9">#9</a>)</li> <li><a href="https://github.com/linear/linear-release-action/commit/fbf0176c7348aa6444e5e3d14db454cb4f4baab8"><code>fbf0176</code></a> Ensure name is properly used when creating scheduled release (<a href="https://redirect.github.com/linear/linear-release-action/issues/8">#8</a>)</li> <li>See full diff in <a href="https://github.com/linear/linear-release-action/compare/v0.4.0...5cbaabc187ceb63eee9d446e62e68e5c29a03ae8">compare view</a></li> </ul> </details> <br /> Updates `benc-uk/workflow-dispatch` from 1.2.4 to 1.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benc-uk/workflow-dispatch/releases">benc-uk/workflow-dispatch's releases</a>.</em></p> <blockquote> <h2>v1.3.1</h2> <h2>Features</h2> <ul> <li><strong>New <code>sync-status</code> input</strong> — when used with <code>wait-for-completion</code>, mirrors the triggered workflow's conclusion (failure/cancelled) back to this action's status (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Alternate <code>ref</code> default for PRs</strong> — automatically uses <code>github.head_ref</code> when running in a pull request context, avoiding <code>refs/pull/.../merge</code> errors (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li> </ul> <h2>Bug Fixes</h2> <ul> <li><strong>Safer JSON input parsing</strong> — invalid <code>inputs</code> JSON now logs an error instead of throwing an unhandled exception (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Improved timeout handling</strong> — timeout now sets a distinct <code>timed_out</code> status and emits a warning instead of silently breaking (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Improved warning message formatting</strong> for workflow run timeout</li> </ul> <h2>Internal Changes & Chores</h2> <ul> <li>Replaced <code>console.log</code> calls with <code>core.info</code> for proper Actions log integration (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Removed stale <code>ref</code>/<code>inputs</code> parameters from the workflow list API call (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Expanded CI test matrix from 3 sequential steps to 9 parallel test jobs covering workflow lookup, output assertions, wait-for-completion, sync-status, and error handling (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Added CI path filters to skip docs-only changes (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Changed echo-3 test fixture from <code>workflow_call</code> to <code>workflow_dispatch</code> with deterministic failure (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Removed unused <code>.vscode/settings.json</code> (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Added <code>.github/copilot-instructions.md</code> (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>General project chores</li> </ul> <h2>Documentation Updates</h2> <ul> <li>No documentation updates in this release</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/7a027648b88c2413826b6ddd6c76114894dc5ec4"><code>7a02764</code></a> Improvements: sync-status, error handling, CI test coverage & path filters (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/3162154e5e0697f47fb76f12ed5508c5f3c066d7"><code>3162154</code></a> Use alternate <code>ref</code> default for PRs (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/4085c9787530f7d3f497838f77fce7b96a554397"><code>4085c97</code></a> project chores</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/6fd6de2826a993af5b50dfb55da903d4f1ca05ee"><code>6fd6de2</code></a> Improve warning message formatting for workflow run timeout</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/a54f9d194fed472732282ed1597dc4909e4b4080"><code>a54f9d1</code></a> 2026 refresh (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/83">#83</a>)</li> <li>See full diff in <a href="https://github.com/benc-uk/workflow-dispatch/compare/e2e5e9a103e331dad343f381a29e654aea3cf8fc...7a027648b88c2413826b6ddd6c76114894dc5ec4">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from c1824fd6edce30d7ab345a9989de00bbd46ef284 to 57a97c7e7821a5776cebc9bb87c984fa69cba8f1 \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/57a97c7e7821a5776cebc9bb87c984fa69cba8f1"><code>57a97c7</code></a> chore(deps): Update trivy to v0.69.3 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/519">#519</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/97e0b3872f55f89b95b2f65b3dbab56962816478"><code>97e0b38</code></a> chore: bump Trivy version to v0.69.2 in test workflow and README (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/515">#515</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/4c61e6329bab9be735ca35291551614bc663dff3"><code>4c61e63</code></a> chore: bump default Trivy version to v0.69.2 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/513">#513</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/1bd062560b422f5944df1de50abd05162bea079e"><code>1bd0625</code></a> Merge pull request <a href="https://redirect.github.com/aquasecurity/trivy-action/issues/508">#508</a> from nikpivkin/feat/pass-yaml-ignore-file</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/bce3086c4aa186dadd6671d45ad6dd5d1b8440ac"><code>bce3086</code></a> remove unused init-cache target</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/5a9fbb1236dc1b5ee9e73b5a515009a1dc684548"><code>5a9fbb1</code></a> supress progress bar when download db</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/16154502cae788884830e8df2671639b8cbaa03f"><code>1615450</code></a> update trivyignores input description</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/df85774a457f1f0a32a8e5744c2bced057257d65"><code>df85774</code></a> add comment about fd3</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/56c8daebb96c35cabeeda8187a6dd3ec711d0a72"><code>56c8dae</code></a> remove unused variable</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/e368e328979b113139d6f9068e03accaed98a518"><code>e368e32</code></a> ci(test): add zizmor security linter for GitHub Actions (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/502">#502</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li>Additional commits viewable in <a href="https://github.com/aquasecurity/trivy-action/compare/c1824fd6edce30d7ab345a9989de00bbd46ef284...57a97c7e7821a5776cebc9bb87c984fa69cba8f1">compare view</a></li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Atif Ali <atif@coder.com>	2026-03-20 02:59:50 +00:00
Garrett Delfosse	1f5f6c9ccb	chore: add new interactive release package (#22624 )	2026-03-18 12:19:54 -04:00
Ethan	e738ff5299	ci: remove dylib build pipeline (#22592 ) ## Summary The macOS `.dylib` is only used by Coder Desktop macOS v0.7.2 or older. v0.7.2 was released in August 2025. v0.8.0 of Coder Desktop macOS, also released in August 2025, uses a signed Coder slim binary from the deployment instead. It's unlikely customers will be using Coder Desktop macOS v0.7.2 and the next release of Coder simultaneously, so I think we can safely remove this process, given it slows down CI & release processes. ## Changes - Makefile: Remove `DYLIB_ARCHES`, `CODER_DYLIBS` variables and `build/coder-dylib` target - scripts/build_go.sh: Remove `--dylib` flag and all dylib-specific logic (c-shared buildmode, CGO, plist embedding, vpn/dylib entrypoint) - scripts/sign_darwin.sh: Remove dylib-specific comment - CI (ci.yaml): Remove `build-dylib` job, artifact download/insert steps, and `build-dylib` dependency from `build` job - Release (release.yaml): Remove `build-dylib` job, artifact download/insert steps, and `build-dylib` dependency from `release` job - vpn/dylib/: Delete entire directory (`lib.go` + `info.plist.tmpl`) - vpn/router.go, vpn/dns.go: Clean up comments referencing dylib The slim and fat binary builds are completely unaffected — the dylib was an independent build target with its own CI job. _Generated by mux but reviewed by a human_	2026-03-05 01:50:50 +11:00
Steven Masley	f6b4b7edab	ci: remove sqlc push to cloud (#22574 ) I left a vestigial piece, whooops	2026-03-03 14:49:00 -06:00
Steven Masley	8ea0c2f3bc	ci: remove ci action to push schema to sqlc cloud (#22572 ) SQLc cloud no longer exists	2026-03-03 14:21:07 -06:00
dependabot[bot]	06cfe2705a	ci: bump the github-actions group with 3 updates (#22125 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [depot/setup-action](https://github.com/depot/setup-action) and [depot/build-push-action](https://github.com/depot/build-push-action). Updates `step-security/harden-runner` from 2.14.1 to 2.14.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.2</h2> <h2>What's Changed</h2> <p>Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See <a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq">GHSA-cpmj-h4f6-r6pq</a> for details.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2">https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/5ef0c079ce82195b2a36a210272d6b661572d83e"><code>5ef0c07</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/635">#635</a> from step-security/rc-34</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb43c7b3fd5a30c42ff1ab84b494f1cc6c7cc3b6"><code>eb43c7b</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e">compare view</a></li> </ul> </details> <br /> Updates `depot/setup-action` from 1.6.0 to 1.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/setup-action/releases">depot/setup-action's releases</a>.</em></p> <blockquote> <h2>v1.7.1</h2> <h2>What's Changed</h2> <ul> <li>Update release workflow to ubuntu-latest (<a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.7.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/setup-action/commit/15c09a5f77a0840ad4bce955686522a257853461"><code>15c09a5</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a> from depot/jacobwgillespie-patch-1</li> <li><a href="https://github.com/depot/setup-action/commit/3194a53ed0aa42e00bc88f2411ab49d3f60219ba"><code>3194a53</code></a> Update release workflow to ubuntu-latest</li> <li><a href="https://github.com/depot/setup-action/commit/c0b08c3ba30137f89e75961508b587484558ff0f"><code>c0b08c3</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/setup-action/commit/23e67ebf8b5a313459580616cd34c7787607ac86"><code>23e67eb</code></a> chore: update action dependencies</li> <li><a href="https://github.com/depot/setup-action/commit/0886069e678860faf0d22c46e9f154d35beaa529"><code>0886069</code></a> chore: update node to v24</li> <li>See full diff in <a href="https://github.com/depot/setup-action/compare/b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5...15c09a5f77a0840ad4bce955686522a257853461">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.16.2 to 1.17.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.17.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> <li>Fix typo (<a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a>) <a href="https://github.com/gavrie"><code>@gavrie</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/5f3b3c2e5a00f0093de47f657aeaefcedff27d18"><code>5f3b3c2</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/build-push-action/commit/1c8a5de5bf842e36234a9f65b76b66173541193f"><code>1c8a5de</code></a> chore: update actions dependency</li> <li><a href="https://github.com/depot/build-push-action/commit/88deb2d202089ac6bada8368187086a1d5cb6daa"><code>88deb2d</code></a> chore: update node to v24</li> <li><a href="https://github.com/depot/build-push-action/commit/eb4edcff909a80720d31732b633e4691b0c7cf02"><code>eb4edcf</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a> from gavrie/fix-typo</li> <li><a href="https://github.com/depot/build-push-action/commit/b7a09de6c74816aaa562b09c2d4082c63c68629a"><code>b7a09de</code></a> Fix typo</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/9785b135c3c76c33db102e45be96a25ab55cd507...5f3b3c2e5a00f0093de47f657aeaefcedff27d18">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-16 13:24:16 +00:00
dependabot[bot]	19d24075da	ci: bump the github-actions group with 4 updates (#22010 ) Bumps the github-actions group with 4 updates: [actions/cache](https://github.com/actions/cache), [docker/login-action](https://github.com/docker/login-action), [actions/attest](https://github.com/actions/attest) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/cache` from 5.0.2 to 5.0.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.3</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.3">https://github.com/actions/cache/compare/v5...v5.0.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE]<br /> Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1695">#1695</a> from actions/Link-/prepare-5.0.3</li> <li><a href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a> Add review for the <code>@actions/http-client</code> license</li> <li><a href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a> Upgrade dependencies and address security warnings</li> <li><a href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a> Add 5.0.3 builds</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/8b402f58fbc84540c8b491a91e594a4576fec3d7...cdf6c1fa76f9f475f3d7449005a359c84ca0f306">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.6.0 to 3.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.7.0</h2> <ul> <li>Add <code>scope</code> input to set scopes for the authentication token by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li> <li>Add support for AWS European Sovereign Cloud ECR by <a href="https://github.com/dphi"><code>@dphi</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li> <li>Ensure passwords are redacted with <code>registry-auth</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li> <li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9"><code>c94ce9f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/915">#915</a> from docker/dependabot/npm_and_yarn/lodash-4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef"><code>8339c95</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/912">#912</a> from docker/scope</li> <li><a href="https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a"><code>c83e932</code></a> build(deps): bump lodash from 4.17.21 to 4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705"><code>b268aa5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1"><code>a603229</code></a> documentation for scope input</li> <li><a href="https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da"><code>7567f92</code></a> Add scope input to set scopes for the authentication token</li> <li><a href="https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f"><code>0567fa5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/914">#914</a> from dphi/add-support-for-amazonaws.eu</li> <li><a href="https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e"><code>f6ef577</code></a> feat: add support for AWS European Sovereign Cloud ECR registries</li> <li><a href="https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b"><code>916386b</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/911">#911</a> from crazy-max/ensure-redact</li> <li><a href="https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd"><code>5b3f94a</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.1.0 to 3.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump the npm-development group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/320">actions/attest#320</a></li> <li>Validate repository org-ownership before storage record creation by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/328">actions/attest#328</a></li> <li>Update version to 3.2.0 by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/334">actions/attest#334</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.1.0...v3.2.0">https://github.com/actions/attest/compare/v3.1.0...v3.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d"><code>e59cbc1</code></a> Update version to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/334">#334</a>)</li> <li><a href="https://github.com/actions/attest/commit/20eb46ce7aac0a8d0fb0ba74463460bff36cc0bd"><code>20eb46c</code></a> Validate repository org-ownership before storage record creation (<a href="https://redirect.github.com/actions/attest/issues/328">#328</a>)</li> <li><a href="https://github.com/actions/attest/commit/7433fa7e7a4d4084bbd71358379fa9b45ce9d4d7"><code>7433fa7</code></a> Update <code>undici</code> development dependency to the latest version (<a href="https://redirect.github.com/actions/attest/issues/332">#332</a>)</li> <li><a href="https://github.com/actions/attest/commit/c03bf4160d4018cb293f5dcbf204e47c1b2808e1"><code>c03bf41</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/320">#320</a>)</li> <li>See full diff in <a href="https://github.com/actions/attest/compare/7667f588f2f73a90cea6c7ac70e78266c4f76616...e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.1 to 7.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.2</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Fix: Nix versions under <code>v2.33</code> not supported by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/295">nix-community/cache-nix-action#295</a></li> <li>Use a more precise check by <a href="https://github.com/deemp"><code>@deemp</code></a> in 47869c4cbb023c803424e7311f07a744a2d66296</li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.0 to 8.53.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/284">nix-community/cache-nix-action#284</a></li> <li>chore(deps): bump DeterminateSystems/determinate-nix-action from 3.15.1 to 3.15.2 in the minor-actions-dependencies group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/288">nix-community/cache-nix-action#288</a></li> <li>chore(deps-dev): bump eslint-config-love from 144.0.0 to 147.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/287">nix-community/cache-nix-action#287</a></li> <li>chore(deps-dev): bump prettier from 3.8.0 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/286">nix-community/cache-nix-action#286</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/290">nix-community/cache-nix-action#290</a></li> <li>chore(deps): bump <code>@actions/github</code> from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/291">nix-community/cache-nix-action#291</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/289">nix-community/cache-nix-action#289</a></li> <li>chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/294">nix-community/cache-nix-action#294</a></li> </ul> <!-- raw HTML omitted --> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/7df957e333c1e5da7721f60227dbba6d06080569"><code>7df957e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/47869c4cbb023c803424e7311f07a744a2d66296"><code>47869c4</code></a> fix(action): use a more precise check</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/eca69c462eda8455304862773d53bfe08a7c1fad"><code>eca69c4</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/295">#295</a> from nix-community/nix-versions-under-v233-not-supported</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b6fd2e3f7b9992c952409248b26c3806976ca922"><code>b6fd2e3</code></a> feat(ci): add test with Nix version <2.33</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/ddd9cbc8ee25d0dbd64bc7bf380398d810fedcc0"><code>ddd9cbc</code></a> fix(ci): bump action version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/922e9060c19ec2c406a055d4255ec1760e0af798"><code>922e906</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4038f94ae961f71f156295e34fc27af3846cb555"><code>4038f94</code></a> refactor(action): rename constants for command results</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/dfde4d35b86aa2875e5829cfc8b6c2d4c203ab9b"><code>dfde4d3</code></a> fix(action): choose command based on the Nix version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4b2dd9ec99b6d72fad66eeff381bc94d20d7207d"><code>4b2dd9e</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/294">#294</a> from nix-community/dependabot/npm_and_yarn/eslint-con...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/273d1a77100543feec627c2bdd09b6c7060b88ab"><code>273d1a7</code></a> chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/106bba72ed8e29c8357661199511ef07790175e9...7df957e333c1e5da7721f60227dbba6d06080569">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-09 13:35:13 +00:00
Ethan	dc633e22a3	ci: add setup-gnu-tools action for macOS runners (#21938 ) macOS runners lack GNU toolchain dependencies (bash 4+, GNU getopt, make 4+) required by `scripts/lib.sh`. When any script sources `lib.sh`, it checks for these dependencies and fails if they're missing. This caused consistent failures in the `test-go-pg (macos-latest)` job in `nightly-gauntlet.yaml`, which didn't have the GNU tools setup that `ci.yaml` had. Commit `9a417df` ("ci: add retry logic for Go module operations") added a macOS GNU tools step to `ci.yaml`, but `nightly-gauntlet.yaml` was not updated. This PR adds a reusable `setup-gnu-tools` action and uses it consistently across all workflows with macOS jobs, replacing the inline brew install steps. Closes https://github.com/coder/internal/issues/1133	2026-02-05 05:06:10 +00:00
dependabot[bot]	1276b9d9b7	ci: bump the github-actions group with 2 updates (#21846 ) [//]: # (dependabot-start) ⚠️ Dependabot is rebasing this PR ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [actions/setup-java](https://github.com/actions/setup-java). Updates `step-security/harden-runner` from 2.14.0 to 2.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.1</h2> <h2>What's Changed</h2> <ol> <li> <p>In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.</p> </li> <li> <p>Fixed npm audit vulnerabilities</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1">https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9"><code>e3f713f</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/631">#631</a> from step-security/rc-31</li> <li><a href="https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b"><code>423acdd</code></a> chore: fix npm audit vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7"><code>0ddb86c</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.1.0 to 5.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.2.0</h2> <h2>What's Changed</h2> <h3>Enhancement</h3> <ul> <li>Retry on HTTP 522 Connection timed out by <a href="https://github.com/findepi"><code>@findepi</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <h3>Documentation Changes</h3> <ul> <li>Update gradle caching by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/972">actions/setup-java#972</a></li> <li>Update checkout to v6 by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/973">actions/setup-java#973</a></li> </ul> <h3>Dependency Updates</h3> <ul> <li>Upgrade <code>@actions/cache</code> to v5 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/968">actions/setup-java#968</a></li> <li>Upgrade actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/961">actions/setup-java#961</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/findepi"><code>@findepi</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.2.0">https://github.com/actions/setup-java/compare/v5...v5.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/be666c2fcd27ec809703dec50e508c2fdc7f6654"><code>be666c2</code></a> Chore: Version Update and Checkout Update to v6 (<a href="https://redirect.github.com/actions/setup-java/issues/973">#973</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/f7a6fefba97e80156950e16f2a9dafc8579b7d05"><code>f7a6fef</code></a> Bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/actions/setup-java/issues/961">#961</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d81c4e45f3ac973cc936d79104023e20054ba578"><code>d81c4e4</code></a> Upgrade <code>@actions/cache</code> to v5 (<a href="https://redirect.github.com/actions/setup-java/issues/968">#968</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/1b1bbe1085cb6ab21b5b19b7bebc091a9430026a"><code>1b1bbe1</code></a> readme update (<a href="https://redirect.github.com/actions/setup-java/issues/972">#972</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/5d7b2146334bacf88728daaa70414a99f5164e0f"><code>5d7b214</code></a> Retry on HTTP 522 Connection timed out (<a href="https://redirect.github.com/actions/setup-java/issues/964">#964</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/f2beeb24e141e01a676f977032f5a29d81c9e27e...be666c2fcd27ec809703dec50e508c2fdc7f6654">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-02 13:53:07 +00:00
Kacper Sawicki	9a417df940	ci: add retry logic for Go module operations (#21609 ) ## Description Add exponential backoff retries to all `go install` and `go mod download` commands across CI workflows and actions. ## Why Fixes [coder/internal#1276](https://github.com/coder/internal/issues/1276) - CI fails when `sum.golang.org` returns 500 errors during Go module verification. This is an infrastructure-level flake that can't be controlled. ## Changes - Created `.github/scripts/retry.sh` - reusable retry helper with exponential backoff (2s, 4s, 8s delays, max 3 attempts), using `scripts/lib.sh` helpers - Wrapped all `go install` and `go mod download` commands with retry in: - `.github/actions/setup-go/action.yaml` - `.github/actions/setup-sqlc/action.yaml` - `.github/actions/setup-go-tools/action.yaml` - `.github/workflows/ci.yaml` - `.github/workflows/release.yaml` - `.github/workflows/security.yaml` - Added GNU tools setup (bash 4+, GNU getopt, make 4+) for macOS in `test-go-pg` job, since `retry.sh` uses `lib.sh` which requires these tools	2026-01-29 16:05:49 +01:00
dependabot[bot]	bb186b8699	ci: bump the github-actions group across 1 directory with 4 updates (#21683 ) Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache), [chromaui/action](https://github.com/chromaui/action) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/checkout` from 6.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a> Fix tag handling: preserve annotations and explicit fetch-tags (<a href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li> <li><a href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a> Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 5.0.1 to 5.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v.5.0.2</h2> <h1>v5.0.2</h1> <h2>What's Changed</h2> <p>When creating cache entries, 429s returned from the cache service will not be retried.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1692">#1692</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a> license for httpclient</li> <li><a href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a> Update licensed record for cache</li> <li><a href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a> Build</li> <li><a href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a> Add PR link to releases</li> <li><a href="https://github.com/actions/cache/commit/9b8ca9f07e012351dafbf1c878e8fe2ee9a01c84"><code>9b8ca9f</code></a> Bump actions/cache to 5.0.3</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...8b402f58fbc84540c8b491a91e594a4576fec3d7">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.4 to 13.3.5 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/07791f8243f4cb2698bf4d00426baf4b2d1cb7e0"><code>07791f8</code></a> v13.3.5</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694...07791f8243f4cb2698bf4d00426baf4b2d1cb7e0">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.0 to 7.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.1</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Checkpoint Nix store database before saving cache by <a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> <li>Checkpoint Nix store database before copying it by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/279">nix-community/cache-nix-action#279</a></li> </ul> <h2>Fixed (CI)</h2> <ul> <li>Fix formatting in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/280">nix-community/cache-nix-action#280</a></li> <li>Fix workflows for PRs in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/281">nix-community/cache-nix-action#281</a></li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps): bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/272">nix-community/cache-nix-action#272</a></li> <li>chore(deps-dev): bump eslint-config-love from 140.0.0 to 144.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/271">nix-community/cache-nix-action#271</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/269">nix-community/cache-nix-action#269</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/266">nix-community/cache-nix-action#266</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/268">nix-community/cache-nix-action#268</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/273">nix-community/cache-nix-action#273</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/277">nix-community/cache-nix-action#277</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/274">nix-community/cache-nix-action#274</a></li> </ul> <!-- raw HTML omitted --> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> made their first contribution in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/106bba72ed8e29c8357661199511ef07790175e9"><code>106bba7</code></a> fix(ci): use a modern command</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b244431fab1b7abe5a59cdf0a5333321adfc040f"><code>b244431</code></a> chore: update src</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/052bf75174c2526e286675ef224b3ed819ca069b"><code>052bf75</code></a> chore: update docs</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c19319ee78cf2c8fdae7caec6d618d8d2f103a63"><code>c19319e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/e3b90182d2cfa77237ff1a124c0017402fe96732"><code>e3b9018</code></a> feat(action): add comment about checkpointing after database merging</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/05419d3e13bd8048ce71089f751a60193e8b2520"><code>05419d3</code></a> feat(readme): mention that the action may affect the workflow speed</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/0c043090a02147aa5edf074d1b0b7ccae887fd53"><code>0c04309</code></a> refactor(readme): group limitations and list them in separate sections</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/084a7ec7cc80327648e51c57b90e12b596675f40"><code>084a7ec</code></a> fix(github): adress linter comments and format templates</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b23f7c961d5d57e86f703e0526f2b35fc9223c12"><code>b23f7c9</code></a> fix(ci): don't fail-fast</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/6b5a012f6e29cda21881bcb0432a5350d18b44ad"><code>6b5a012</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/281">#281</a> from nix-community/fix-prs</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/b426b118b6dc86d6952988d396aa7c6b09776d08...106bba72ed8e29c8357661199511ef07790175e9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-01-26 13:20:40 +00:00
dependabot[bot]	61c379dba6	ci: bump the github-actions group with 3 updates (#21394 ) Bumps the github-actions group with 3 updates: [actions/attest](https://github.com/actions/attest), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/attest` from 3.0.0 to 3.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/attest</code> from 1.6.0 to 2.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/299">actions/attest#299</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/318">actions/attest#318</a></li> <li>Create Artifact Metadata Storage Record on registry push by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/313">actions/attest#313</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/malancas"><code>@malancas</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest/pull/313">actions/attest#313</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3...v3.1.0">https://github.com/actions/attest/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/7667f588f2f73a90cea6c7ac70e78266c4f76616"><code>7667f58</code></a> Create Artifact Metadata Storage Record on registry push (<a href="https://redirect.github.com/actions/attest/issues/313">#313</a>)</li> <li><a href="https://github.com/actions/attest/commit/0512723b049f456232eb06b040bc579727752a6a"><code>0512723</code></a> Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 (<a href="https://redirect.github.com/actions/attest/issues/318">#318</a>)</li> <li><a href="https://github.com/actions/attest/commit/c16e6655b77834c757beac502b8f2013705f92f4"><code>c16e665</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/315">#315</a>)</li> <li><a href="https://github.com/actions/attest/commit/3374a04c9f423bc0e4e5560f82ebe38956064fd0"><code>3374a04</code></a> Bump <code>@types/node</code> from 24.10.1 to 25.0.2 (<a href="https://redirect.github.com/actions/attest/issues/317">#317</a>)</li> <li><a href="https://github.com/actions/attest/commit/8ed7eda47c4480c843fdfd8850cbc514a728d335"><code>8ed7eda</code></a> Bump actions/upload-artifact from 5 to 6 (<a href="https://redirect.github.com/actions/attest/issues/314">#314</a>)</li> <li><a href="https://github.com/actions/attest/commit/6440a037b10d2a829cc9882a533f3d9138424c0d"><code>6440a03</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/312">#312</a>)</li> <li><a href="https://github.com/actions/attest/commit/70b5d87a50d4136d848a73c7cf376b97b7a70223"><code>70b5d87</code></a> Bump the actions-minor group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/311">#311</a>)</li> <li><a href="https://github.com/actions/attest/commit/9902fb2594e0b5bbab9995737abd2547cde67f22"><code>9902fb2</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/310">#310</a>)</li> <li><a href="https://github.com/actions/attest/commit/32938749009952fa9f8278fe546fd1f7ed2c5eeb"><code>3293874</code></a> Bump actions/checkout from 5.0.1 to 6.0.0 (<a href="https://redirect.github.com/actions/attest/issues/308">#308</a>)</li> <li><a href="https://github.com/actions/attest/commit/88adb8653690c030561da54074f99d467b74741b"><code>88adb86</code></a> Bump the npm-development group with 2 updates (<a href="https://redirect.github.com/actions/attest/issues/307">#307</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/daf44fb950173508f38bd2406030372c1d1162b1...7667f588f2f73a90cea6c7ac70e78266c4f76616">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v3.12.0</h2> <ul> <li>Deprecate <code>install</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/455">docker/setup-buildx-action#455</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.62.1 to 0.63.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/434">docker/setup-buildx-action#434</a></li> <li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/436">docker/setup-buildx-action#436</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/432">docker/setup-buildx-action#432</a></li> <li>Bump undici from 5.28.4 to 5.29.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/435">docker/setup-buildx-action#435</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0">https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f"><code>8d2750c</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/455">#455</a> from crazy-max/install-deprecated</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e81846bcc4416a0bf18b8389e4f6fce279619ddc"><code>e81846b</code></a> deprecate install input</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/65d18f8f8a05aab1b2d761032bec9cd5578caadb"><code>65d18f8</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/454">#454</a> from docker/dependabot/github_actions/actions/checkout-6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/000d75d273dec231f74115df50b6ee04c9b25e55"><code>000d75d</code></a> build(deps): bump actions/checkout from 5 to 6</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/1583c0f09d26c58c59d25b0eef29792b7ce99d9a"><code>1583c0f</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/443">#443</a> from nicolasleger/patch-1</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/ed158e796328af702db08c75bebb92f2fb10be88"><code>ed158e7</code></a> doc: bump actions/checkout from 4 to 5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4cc794f83e4b7488282e879f4469e86246e52ddd"><code>4cc794f</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/441">#441</a> from docker/dependabot/github_actions/actions/checkout-5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/4dfc3d6c5d9e9534040f8d8b55bd4a98459b62b7"><code>4dfc3d6</code></a> build(deps): bump actions/checkout from 4 to 5</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/af1b253b8dc984466d22633f04ef341c1520ed2f"><code>af1b253</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/440">#440</a> from crazy-max/k3s-build</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/3c6ab92b04d9f3e63233e0e0168ba114c6b448bc"><code>3c6ab92</code></a> ci: k3s test with latest buildx</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.6 to 4.31.9 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.9</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.9/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.7</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. <a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.9 - 16 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.8 - 11 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.8. <a href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li> </ul> <h2>4.31.7 - 05 Dec 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.7. <a href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li> </ul> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/5d4e8d1aca955e8d8589aabd499c5cae939e33c7"><code>5d4e8d1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3371">#3371</a> from github/update-v4.31.9-998798e34</li> <li><a href="https://github.com/github/codeql-action/commit/1dc115f17a8c6966e94a6477313dd3df6319bc83"><code>1dc115f</code></a> Update changelog for v4.31.9</li> <li><a href="https://github.com/github/codeql-action/commit/998798e34d79baddb1566c60bbb8f68a901c04e6"><code>998798e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3352">#3352</a> from github/nickrolfe/jar-min-ff-cleanup</li> <li><a href="https://github.com/github/codeql-action/commit/5eb751966fe18977cdefa4e41e0f90e92801ce90"><code>5eb7519</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3358">#3358</a> from github/henrymercer/database-upload-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/d29eddb39b7c33171bb0250114b1c9e3ff8fe2bc"><code>d29eddb</code></a> Extract version number to constant</li> <li><a href="https://github.com/github/codeql-action/commit/e9626872ef3347a9c18091d60da647084c2451a6"><code>e962687</code></a> Merge branch 'main' into henrymercer/database-upload-telemetry</li> <li><a href="https://github.com/github/codeql-action/commit/19c7f96922a6269458f2cadcc23faf0ebaa1368b"><code>19c7f96</code></a> Rename <code>isOverlayBase</code></li> <li><a href="https://github.com/github/codeql-action/commit/ae5de9a20d0468cc3818a0dc5c99e456f996d9cf"><code>ae5de9a</code></a> Use <code>getErrorMessage</code> in log too</li> <li><a href="https://github.com/github/codeql-action/commit/0cb86337c5111af4ff3dc7e8f9b98c479c9ea954"><code>0cb8633</code></a> Prefer <code>performance.now()</code></li> <li><a href="https://github.com/github/codeql-action/commit/c07cc0d3a95a282fc5a54477464931c776d124ec"><code>c07cc0d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3351">#3351</a> from github/henrymercer/ghec-dr-determine-tools-vers...</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fe4161a26a8629af62121b670040955b330f9af2...5d4e8d1aca955e8d8589aabd499c5cae939e33c7">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-29 12:21:08 +00:00
dependabot[bot]	3f13859ade	ci: bump the github-actions group with 4 updates (#21370 ) Bumps the github-actions group with 4 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `step-security/harden-runner` from 2.13.2 to 2.14.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.0</h2> <h2>What's Changed</h2> <ul> <li>Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.</li> <li>Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0">https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0</a></p> <h2>v2.13.3</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where process events were not uploaded in certain edge cases.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3">https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/20cf305ff2072d973412fa9b1e3a4f227bda3c76"><code>20cf305</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/622">#622</a> from step-security/feature/custom-property-skip</li> <li><a href="https://github.com/step-security/harden-runner/commit/c51e8eeb6c4fdcd08f65e43a051dacdbfaa69702"><code>c51e8ee</code></a> feat: skip agent install and post step on subsequent runs for GitHub-hosted r...</li> <li><a href="https://github.com/step-security/harden-runner/commit/e152b90204c3d85cefa1441b701a47a13ed28bd7"><code>e152b90</code></a> feat: skip harden-runner based on repository custom property</li> <li><a href="https://github.com/step-security/harden-runner/commit/ee1faec052d1000061fa79a13e030db11b3f86bd"><code>ee1faec</code></a> feat: replace skip-harden-runner with skip-on-custom-property input</li> <li><a href="https://github.com/step-security/harden-runner/commit/1dc7c1764659d537dab2a854b8e165a801103eb1"><code>1dc7c17</code></a> feat: add skip-harden-runner input to conditionally skip execution</li> <li><a href="https://github.com/step-security/harden-runner/commit/df199fb7be9f65074067a9eb93f12bb4c5547cf2"><code>df199fb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/620">#620</a> from step-security/rc-29</li> <li><a href="https://github.com/step-security/harden-runner/commit/03d096a772368b1f0222005a6899d3e35a7f62df"><code>03d096a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/40901073af04afd40408833437092a7467798f33"><code>4090107</code></a> fix: update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...20cf305ff2072d973412fa9b1e3a4f227bda3c76">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.3.0 to 5.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.1</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h1>v5.0.1</h1> <h2>What's Changed</h2> <ul> <li>fix: update <code>@actions/cache</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1685">actions/cache#1685</a></li> <li>prepare release v5.0.1 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1686">actions/cache#1686</a></li> </ul> <h1>v5.0.0</h1> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.1">https://github.com/actions/cache/compare/v5...v5.0.1</a></p> <h2>v5.0.0</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.3.0...v5.0.0">https://github.com/actions/cache/compare/v4.3.0...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/9255dc7a253b0ccc959486e2bca901246202afeb"><code>9255dc7</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1686">#1686</a> from actions/cache-v5.0.1-release</li> <li><a href="https://github.com/actions/cache/commit/8ff5423e8b66eacab4e638ee52abbd2cb831366a"><code>8ff5423</code></a> chore: release v5.0.1</li> <li><a href="https://github.com/actions/cache/commit/9233019a152bc768059ac1768b8e4403b5da16c1"><code>9233019</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1685">#1685</a> from salmanmkc/node24-storage-blob-fix</li> <li><a href="https://github.com/actions/cache/commit/b975f2bb844529e1063ad882c609b224bcd66eb6"><code>b975f2b</code></a> fix: add peer property to package-lock.json for dependencies</li> <li><a href="https://github.com/actions/cache/commit/d0a0e1813491d01d574c95f8d189f62622bbb2ae"><code>d0a0e18</code></a> fix: update license files for <code>@actions/cache</code>, fast-xml-parser, and strnum</li> <li><a href="https://github.com/actions/cache/commit/74de208dcfcbe85c0e7154e7b17e4105fe2554ff"><code>74de208</code></a> fix: update <code>@actions/cache</code> to ^5.0.1 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/cache/commit/ac7f1152ead02e89c14b5456d14ab17591e74cfb"><code>ac7f115</code></a> peer</li> <li><a href="https://github.com/actions/cache/commit/b0f846b50b6061d7a2ca6f1a2fea61d4a65d1a16"><code>b0f846b</code></a> fix: update <code>@actions/cache</code> with storage-blob fix for Node.js 24 punycode depr...</li> <li><a href="https://github.com/actions/cache/commit/a7833574556fa59680c1b7cb190c1735db73ebf0"><code>a783357</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1684">#1684</a> from actions/prepare-cache-v5-release</li> <li><a href="https://github.com/actions/cache/commit/3bb0d78750a39cefce0c2b5a0a9801052b4359ad"><code>3bb0d78</code></a> docs: highlight v5 runner requirement in releases</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...9255dc7a253b0ccc959486e2bca901246202afeb">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>v6 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Upload Artifact Node 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li> <li>fix: update <code>@actions/artifact</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li> <li>prepare release v6.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a> from actions/upload-artifact-v6-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a> docs: correct description of Node.js 24 support in README</li> <li><a href="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a> docs: update README to correct action name for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a> chore: release v6.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a> chore: rebuild dist</li> <li><a href="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a> chore: add missing license cache files for <code>@actions/core</code>, <code>@actions/io</code>, and mi...</li> <li><a href="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a> chore: update license files for <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li> <li><a href="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/330a01c490aca151604b8cf639adc76d48f6c5d4...b7c566a772e6b6bfb58ed0dc250532a479d7789f">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li>Download Artifact Node24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> <li>fix: update <code>@actions/artifact</code> to fix Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/451">actions/download-artifact#451</a></li> <li>prepare release v7.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/452">actions/download-artifact#452</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0">https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/37930b1c2abaa49bbe596cd826c3c89aef350131"><code>37930b1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/452">#452</a> from actions/download-artifact-v7-release</li> <li><a href="https://github.com/actions/download-artifact/commit/72582b9e0acd370909e83fa4a1fd0fca3ad452d8"><code>72582b9</code></a> doc: update readme</li> <li><a href="https://github.com/actions/download-artifact/commit/0d2ec9d4cbcefe257d822f108de2a1f15f8da9f6"><code>0d2ec9d</code></a> chore: release v7.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/download-artifact/commit/fd7ae8fda6dc16277a9ffbc91cdb0eedf156e912"><code>fd7ae8f</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/451">#451</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/download-artifact/commit/d484700543354b15886d6a52910cf61b7f1d2b27"><code>d484700</code></a> chore: restore minimatch.dep.yml license file</li> <li><a href="https://github.com/actions/download-artifact/commit/03a808050efe42bb6ad85281890afd4e4546672c"><code>03a8080</code></a> chore: remove obsolete dependency license files</li> <li><a href="https://github.com/actions/download-artifact/commit/56fe6d904b0968950f8b68ea17774c54973ed5e2"><code>56fe6d9</code></a> chore: update <code>@actions/artifact</code> license file to 5.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/8e3ebc4ab4d2e095e5eb44ba1a4a53b6b03976ad"><code>8e3ebc4</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/1e3c4b4d4906c98ab57453c24efefdf16c078044"><code>1e3c4b4</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/download-artifact/commit/458627d354794c71bc386c8d5839d20b5885fe2a"><code>458627d</code></a> chore: use local <code>@actions/artifact</code> package for Node.js 24 testing</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...37930b1c2abaa49bbe596cd826c3c89aef350131">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-22 12:32:48 +00:00
dependabot[bot]	ed810a04f1	ci: bump the github-actions group with 4 updates (#21273 ) Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [actions/stale](https://github.com/actions/stale). Updates `actions/checkout` from 6.0.0 to 6.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.1</h2> <h2>What's Changed</h2> <ul> <li>Update all references from v5 and v4 to v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> <li>Clarify v6 README by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a> Clarify v6 README (<a href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li> <li><a href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a> Add worktree support for persist-credentials includeIf (<a href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li> <li><a href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a> Update all references from v5 and v4 to v6 (<a href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.0.0 to 5.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.1.0</h2> <h2>What's Changed</h2> <h3>New Features</h3> <ul> <li>Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter by <a href="https://github.com/guicamest"><code>@guicamest</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li> <li>Add support for Microsoft OpenJDK 25 builds by <a href="https://github.com/the-mod"><code>@the-mod</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li> </ul> <h3>Bug Fixes & Improvements</h3> <ul> <li>Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/767">actions/setup-java#767</a></li> <li>Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li> <li>Update SapMachine URLs by <a href="https://github.com/RealCLanger"><code>@RealCLanger</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/955">actions/setup-java#955</a></li> <li>Add GitHub Token Support for GraalVM and Refactor Code by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/849">actions/setup-java#849</a></li> </ul> <h3>Documentation changes</h3> <ul> <li>Update documentation to use checkout and Java v5 by <a href="https://github.com/lmvysakh"><code>@lmvysakh</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li> <li>Clarify JAVA_HOME and PATH setup in README by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li> </ul> <h3>Dependency updates</h3> <ul> <li>Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/873">actions/setup-java#873</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/912">actions/setup-java#912</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lmvysakh"><code>@lmvysakh</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li> <li><a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li> <li><a href="https://github.com/the-mod"><code>@the-mod</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li> <li><a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li> <li><a href="https://github.com/guicamest"><code>@guicamest</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.1.0">https://github.com/actions/setup-java/compare/v5...v5.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/f2beeb24e141e01a676f977032f5a29d81c9e27e"><code>f2beeb2</code></a> Bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/setup-java/issues/912">#912</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/4e7e684fbb6e33f88ecb2cf1e6b3797739cf499b"><code>4e7e684</code></a> feat: Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter (<a href="https://redirect.github.com/actions/setup-java/issues/736">#736</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/46c56d6f92c88cf540acf95a12a4a41197499222"><code>46c56d6</code></a> Add GitHub Token Support for GraalVM and Refactor Code (<a href="https://redirect.github.com/actions/setup-java/issues/849">#849</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/66b945764b75604b3cfd644c3ada5232cf6c90c6"><code>66b9457</code></a> Update SapMachine URLs (<a href="https://redirect.github.com/actions/setup-java/issues/955">#955</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/6ba5449b7dcda52941806a19f0cf626b6420191e"><code>6ba5449</code></a> Enhance error logging for network failures to include endpoint/IP details, ad...</li> <li><a href="https://github.com/actions/setup-java/commit/de5a937a1dc73fbc1a67d7d1aa4bebc1082f3190"><code>de5a937</code></a> adds microsoft openjdk25 builds (<a href="https://redirect.github.com/actions/setup-java/issues/927">#927</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ead9eaa3cfe0b0fc2fa749519ae09c3d4f4080b0"><code>ead9eaa</code></a> Update Regex to Support All ASDF Versions for the supported distributions in ...</li> <li><a href="https://github.com/actions/setup-java/commit/8c57fa36276f209f7c545338dc17a4cc89842dec"><code>8c57fa3</code></a> Clarify JAVA_HOME and PATH setup in README (<a href="https://redirect.github.com/actions/setup-java/issues/841">#841</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/a7ab372554b6eb1a8eb25e7d9aec1cc9f3ea1a76"><code>a7ab372</code></a> Bump prettier from 2.8.8 to 3.6.2 (<a href="https://redirect.github.com/actions/setup-java/issues/873">#873</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d0351b4837dd42a4a838ef25daec3bf530e20aaf"><code>d0351b4</code></a> Update documentation to use checkout and Java v5 (<a href="https://redirect.github.com/actions/setup-java/issues/903">#903</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/dded0888837ed1f317902acf8a20df0ad188d165...f2beeb24e141e01a676f977032f5a29d81c9e27e">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b to e0021407031f5be11a464abee9a0776171c79891 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b...abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b">compare view</a></li> </ul> </details> <br /> Updates `actions/stale` from 10.1.0 to 10.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/stale/releases">actions/stale's releases</a>.</em></p> <blockquote> <h2>v10.1.1</h2> <h2>What's Changed</h2> <h3>Bug Fix</h3> <ul> <li>Add Missing Input Reading for <code>only-issue-types</code> by <a href="https://github.com/Bibo-Joshi"><code>@Bibo-Joshi</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1298">actions/stale#1298</a></li> </ul> <h3>Improvement</h3> <ul> <li>Improves error handling when rate limiting is disabled on GHES. by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li> </ul> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade eslint-config-prettier from 8.10.0 to 10.1.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1276">actions/stale#1276</a></li> <li>Upgrade <code>@types/node</code> from 20.10.3 to 24.2.0 and document breaking changes in v10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1280">actions/stale#1280</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1291">actions/stale#1291</a></li> <li>Upgrade actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1306">actions/stale#1306</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/stale/compare/v10...v10.1.1">https://github.com/actions/stale/compare/v10...v10.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/stale/commit/997185467fa4f803885201cee163a9f38240193d"><code>9971854</code></a> build(deps): bump actions/checkout from 4 to 6 (<a href="https://redirect.github.com/actions/stale/issues/1306">#1306</a>)</li> <li><a href="https://github.com/actions/stale/commit/5611b9defa6b7799a950489b00163db69f7a3ece"><code>5611b9d</code></a> build(deps): bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/stale/issues/1291">#1291</a>)</li> <li><a href="https://github.com/actions/stale/commit/fad0de84e50d1aba7b0236cdaf0ea98a43286849"><code>fad0de8</code></a> Improves error handling when rate limiting is disabled on GHES. (<a href="https://redirect.github.com/actions/stale/issues/1300">#1300</a>)</li> <li><a href="https://github.com/actions/stale/commit/39bea7de61dd70ce4705a976f904f33d5e1e0f49"><code>39bea7d</code></a> Add Missing Input Reading for <code>only-issue-types</code> (<a href="https://redirect.github.com/actions/stale/issues/1298">#1298</a>)</li> <li><a href="https://github.com/actions/stale/commit/e46bbabb3ede15841d25946157759558dd16306e"><code>e46bbab</code></a> build(deps-dev): bump <code>@types/node</code> from 20.10.3 to 24.2.0 and document breakin...</li> <li><a href="https://github.com/actions/stale/commit/65d1d4804d3060875fff9f9fa8a49e27f71ce7f0"><code>65d1d48</code></a> build(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 (<a href="https://redirect.github.com/actions/stale/issues/1276">#1276</a>)</li> <li>See full diff in <a href="https://github.com/actions/stale/compare/5f858e3efba33a5ca4407a664cc011ad407f2008...997185467fa4f803885201cee163a9f38240193d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-15 12:23:24 +00:00
dependabot[bot]	fad8b54ab8	ci: bump the github-actions group across 1 directory with 6 updates (#21017 ) Bumps the github-actions group with 6 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `5.0.0` \| `6.0.0` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.39.2` \| `1.40.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.3.3` \| `13.3.4` \| \| [fluxcd/flux2](https://github.com/fluxcd/flux2) \| `2.7.3` \| `2.7.5` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `70069877f29101175ed2b055d210fe8b1d54d7d7` \| `abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `4.31.3` \| `4.31.6` \| Updates `actions/checkout` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>v6-beta by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li> <li>update readme/changelog for v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p> <h2>v6-beta</h2> <h2>What's Changed</h2> <p>Updated persist-credentials to store the credentials under <code>$RUNNER_TEMP</code> instead of directly in the local git config.</p> <p>This requires a minimum Actions Runner version of <a href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a> to access the persisted credentials for <a href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker container action</a> scenarios.</p> <h2>v5.0.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>V5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a> update readme/changelog for v6 (<a href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li> <li><a href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a> v6-beta (<a href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li> <li><a href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a> Persist creds to a separate file (<a href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li> <li><a href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a> Update README to include Node.js 24 support details and requirements (<a href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...1af3b93b6815bc44a9784bd300feb67ff0d1eeb3">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.39.2 to 1.40.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.40.0</h2> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> <h2>[1.39.0] - 2025-10-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1383">October 2025</a> changes</li> </ul> <h3>Fixes</h3> <ul> <li>When a typo is pluralized, prefer pluralized corrections</li> </ul> <h2>[1.38.1] - 2025-10-07</h2> <h3>Fixes</h3> <ul> <li>Ignore common golang identifiers</li> </ul> <h2>[1.38.0] - 2025-10-06</h2> <h3>Features</h3> <ul> <li>Update type list</li> </ul> <h3>Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/2d0ce569feab1f8752f1dde43cc2f2aa53236e06"><code>2d0ce56</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/efbd900f8db9952781b6bd1ad83baa38ebd153e3"><code>efbd900</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/863fd15db8bf16bfe9117ec1a83ea7b6e802e9f3"><code>863fd15</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/9a27b16791dd73549457a07f247bc4920f787919"><code>9a27b16</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1432">#1432</a> from epage/nov</li> <li><a href="https://github.com/crate-ci/typos/commit/3dbd9d4eacab7f22586ea581e4d403c3ca9dbbb7"><code>3dbd9d4</code></a> feat(dict): November additions</li> <li><a href="https://github.com/crate-ci/typos/commit/a1a16c7b7c25d1c27cc750525aada8b9ae68b716"><code>a1a16c7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1427">#1427</a> from deining/bump-github-action</li> <li><a href="https://github.com/crate-ci/typos/commit/cb8d2e78ff23c82fca05340ed256b04513d022b9"><code>cb8d2e7</code></a> docs: Bump GitHub checkout action in 'github-action.md'</li> <li><a href="https://github.com/crate-ci/typos/commit/9f99fb8dfe87b8a3441863fb2e5d5da88a2aa9a2"><code>9f99fb8</code></a> docs(ref): Clarify extend-words / extend-identifiers</li> <li>See full diff in <a href="https://github.com/crate-ci/typos/compare/626c4bedb751ce0b7f03262ca97ddda9a076ae1c...2d0ce569feab1f8752f1dde43cc2f2aa53236e06">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.3 to 13.3.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694"><code>4c20b95</code></a> v13.3.4</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/ac86f2ff0a458ffbce7b40698abd44c0fa34d4b6...4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.7.3 to 2.7.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.7.5</h2> <h2>Highlights</h2> <p>Flux v2.7.5 is a patch release that comes with fixes to helm-controller. Users are encouraged to upgrade for the best experience.</p> <p>ℹ️ Please follow the <a href="https://github.com/fluxcd/flux2/discussions/5572">Upgrade Procedure for Flux v2.7+</a> for a smooth upgrade from Flux v2.6 to the latest version.</p> <p>Fixes:</p> <ul> <li>Fix HelmRelease history truncation when using the <code>RetryOnFailure</code> strategy.</li> </ul> <p>⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use <a href="https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries">Cosign v2.6</a> for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.</p> <h2>Components changelog</h2> <ul> <li>helm-controller <a href="https://github.com/fluxcd/helm-controller/blob/v1.4.5/CHANGELOG.md">v1.4.5</a></li> </ul> <h2>CLI changelog</h2> <ul> <li>[release/v2.7.x] Update toolkit components by <a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <a href="https://redirect.github.com/fluxcd/flux2/pull/5649">fluxcd/flux2#5649</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5">https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5</a></p> <h2>v2.7.4</h2> <h2>Highlights</h2> <p>Flux v2.7.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.</p> <p>ℹ️ Please follow the <a href="https://github.com/fluxcd/flux2/discussions/5572">Upgrade Procedure for Flux v2.7+</a> for a smooth upgrade from Flux v2.6 to the latest version.</p> <p>Fixes:</p> <ul> <li>Add <code>DisableConfigWatchers</code> feature gate to all controllers for disabling the Secrets/ConfigMaps watchers</li> <li>Fix Workload Identity for Azure China Cloud in all controllers</li> <li>Update Helm Go SDK to v3.19.2 fixing schema validation issues in helm-controller</li> <li>Skip secret decryption for remote kustomize patches in kustomize-controller</li> <li>Improve post-build error reporting in kustomize-controller</li> <li>Add <code>ArtifactGenerator</code> to aggregated RBAC roles</li> </ul> <p>⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use <a href="https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries">Cosign v2.6</a> for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.</p> <h2>Components changelog</h2> <ul> <li>source-controller <a href="https://github.com/fluxcd/source-controller/blob/v1.7.4/CHANGELOG.md">v1.7.4</a></li> <li>kustomize-controller <a href="https://github.com/fluxcd/kustomize-controller/blob/v1.7.3/CHANGELOG.md">v1.7.3</a></li> <li>notification-controller <a href="https://github.com/fluxcd/notification-controller/blob/v1.7.5/CHANGELOG.md">v1.7.5</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/8454b02a32e48d775b9f563cb51fdcb1787b5b93"><code>8454b02</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5649">#5649</a> from fluxcd/backport-5648-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/931f101cb1cba9f7af4efa44ac0a5c7f634d9b06"><code>931f101</code></a> Update toolkit components</li> <li><a href="https://github.com/fluxcd/flux2/commit/06ed49dcd3f3ce2fc8d1988848245873a91550bc"><code>06ed49d</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5642">#5642</a> from fluxcd/backport-5597-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/6021981de38a416f214a97dd090a1346a20d9ad4"><code>6021981</code></a> Allow option to skip tenant namespace creation</li> <li><a href="https://github.com/fluxcd/flux2/commit/4b7d46e511ca0efbea80e19fca675b18191a7508"><code>4b7d46e</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5640">#5640</a> from fluxcd/backport-5639-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/e8c87047ba81d4bdacc3a33c443e93a35efedda0"><code>e8c8704</code></a> Update toolkit components</li> <li><a href="https://github.com/fluxcd/flux2/commit/abd603eca72aac25d6a7b2da88e902ff798fbf61"><code>abd603e</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5635">#5635</a> from fluxcd/backport-5625-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/83d426c3c04baba957c4aa7774990563e125f5d4"><code>83d426c</code></a> diff: report if object is skipped</li> <li><a href="https://github.com/fluxcd/flux2/commit/48e77c820ecea23bb34fe51b1914bc41fd0830ac"><code>48e77c8</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5634">#5634</a> from fluxcd/backport-5633-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/01fbe3763997a09e67ec30779aa9280cb74e8885"><code>01fbe37</code></a> Upgrade k8s to 1.34.2, c-r to 0.22.4 and helm to 3.19.2</li> <li>Additional commits viewable in <a href="https://github.com/fluxcd/flux2/compare/b6e76ca2534f76dcb8dd94fb057cdfa923c3b641...8454b02a32e48d775b9f563cb51fdcb1787b5b93">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 70069877f29101175ed2b055d210fe8b1d54d7d7 to abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b"><code>abdd2f6</code></a> chore(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2717">#2717</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/1d08ab228c06cfdb5c92a6be6fb2e03654e2410c"><code>1d08ab2</code></a> chore(deps-dev): bump <code>@types/lodash</code> from 4.17.20 to 4.17.21 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2718">#2718</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/085eb10d7ef84ec5ab690becdd4072966e781924"><code>085eb10</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.1.0 to 29.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2719">#2719</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/72321d1f003ac6191c4d5c7781eed4241a728447"><code>72321d1</code></a> chore(deps): bump github/codeql-action from 4.31.4 to 4.31.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2720">#2720</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8c66df4f78c44069a58c4517f775d02211a2b06b"><code>8c66df4</code></a> chore(deps-dev): bump prettier from 3.6.2 to 3.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2722">#2722</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6da3c88b60ebf09464ada9b06fba5b6f2d34bb94"><code>6da3c88</code></a> chore(deps): bump nrwl/nx-set-shas from 4.3.3 to 4.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2712">#2712</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/48b6e9756da9107e9b08fcb676b292caaac1140b"><code>48b6e97</code></a> chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2714">#2714</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4206138f174379c379efaa0f5c1d1f82a96eac0a"><code>4206138</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/changed-files/commit/31e663cd71ad1f011b9f9e87f3a710e5ebb9a658"><code>31e663c</code></a> chore(deps): bump github/codeql-action from 4.31.2 to 4.31.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2715">#2715</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/46fd332157a59040c95f13a55162240a4b789b6c"><code>46fd332</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.10.0 to 24.10.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2711">#2711</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/70069877f29101175ed2b055d210fe8b1d54d7d7...abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.3 to 4.31.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.6</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.6/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/fe4161a26a8629af62121b670040955b330f9af2"><code>fe4161a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3336">#3336</a> from github/update-v4.31.6-ecec1f887</li> <li><a href="https://github.com/github/codeql-action/commit/88c2ab5eee3b475eef2f7aabf89bd9f052153d91"><code>88c2ab5</code></a> Update changelog for v4.31.6</li> <li><a href="https://github.com/github/codeql-action/commit/ecec1f88769052ebc45aa0affc53ea30d474cffa"><code>ecec1f8</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3335">#3335</a> from github/mbg/ci/run-codeql-on-all-prs</li> <li><a href="https://github.com/github/codeql-action/commit/23da73277866951560f258278028b48f68958a0a"><code>23da732</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3334">#3334</a> from github/kaspersv/overlay-minor-comments</li> <li><a href="https://github.com/github/codeql-action/commit/f7abc748a3da068e17cfd0e1086e8d72e51f17b6"><code>f7abc74</code></a> Remove branch filter for PR event in CodeQL workflow</li> <li><a href="https://github.com/github/codeql-action/commit/32ada5e061c0433b9e40f11632c2412a55b745f9"><code>32ada5e</code></a> Merge branch 'main' into kaspersv/overlay-minor-comments</li> <li><a href="https://github.com/github/codeql-action/commit/75b2f49aeaf4e8a9eab338ddc5d628eea7366eeb"><code>75b2f49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3333">#3333</a> from github/kaspersv/overlay-no-resource-checks-option</li> <li><a href="https://github.com/github/codeql-action/commit/f036b1cb781fa664100fee1f7c56a0088663dd26"><code>f036b1c</code></a> Merge branch 'main' into kaspersv/overlay-no-resource-checks-option</li> <li><a href="https://github.com/github/codeql-action/commit/58c5954801c246a3975b658372285b37c45de271"><code>58c5954</code></a> Add comment to runnerSupportsOverlayAnalysis</li> <li><a href="https://github.com/github/codeql-action/commit/b02fa13292ce189c02cbb1ba5488f7dbbc8c6b14"><code>b02fa13</code></a> Order feature flags alphabetically</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/014f16e7ab1402f30e7c3329d33797e7948572db...fe4161a26a8629af62121b670040955b330f9af2">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-01 10:32:29 +00:00
dependabot[bot]	0b0813e30c	ci: bump the github-actions group with 3 updates (#20796 ) Bumps the github-actions group with 3 updates: [crate-ci/typos](https://github.com/crate-ci/typos), [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) and [github/codeql-action](https://github.com/github/codeql-action). Updates `crate-ci/typos` from 1.39.0 to 1.39.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.39.2</h2> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>v1.39.1</h2> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> <h2>[1.39.0] - 2025-10-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1383">October 2025</a> changes</li> </ul> <h3>Fixes</h3> <ul> <li>When a typo is pluralized, prefer pluralized corrections</li> </ul> <h2>[1.38.1] - 2025-10-07</h2> <h3>Fixes</h3> <ul> <li>Ignore common golang identifiers</li> </ul> <h2>[1.38.0] - 2025-10-06</h2> <h3>Features</h3> <ul> <li>Update type list</li> </ul> <h3>Fixes</h3> <ul> <li>Don't correct <code>typ</code></li> <li>Consistently error on unused config fields</li> </ul> <h2>[1.37.3] - 2025-10-06</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/626c4bedb751ce0b7f03262ca97ddda9a076ae1c"><code>626c4be</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c6b458db05d00c3037bc9a1102b84febc9fff2f4"><code>c6b458d</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/eed04198a67af7f32b16141261aa8f911cba1f5f"><code>eed0419</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1423">#1423</a> from epage/entrys</li> <li><a href="https://github.com/crate-ci/typos/commit/40383f41a2f90743ef28b8c8b1c2d5a42b7651a0"><code>40383f4</code></a> fix(dict): Don't offer 'entry' as a correction for 'entrys'</li> <li><a href="https://github.com/crate-ci/typos/commit/1af53e3774f068183ffd0c7193eb061a2b65a531"><code>1af53e3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/e5d291b81a9bd645c218da268c94df78b6e5e605"><code>e5d291b</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/55474f5ff9f9a923f4e1a218c9b39271517d847e"><code>55474f5</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1417">#1417</a> from starsep/colorful_help</li> <li><a href="https://github.com/crate-ci/typos/commit/78b93759507833a789853c44a1d9a767fcd15024"><code>78b9375</code></a> feat: Enable colors for typos --help</li> <li><a href="https://github.com/crate-ci/typos/commit/308f8f5788c91e7d099279f046cdbc3662956dcd"><code>308f8f5</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1409">#1409</a> from crate-ci/renovate/actions-download-artifact-6.x</li> <li><a href="https://github.com/crate-ci/typos/commit/cf03418f507191943e33099ce6ba74c4c79b0257"><code>cf03418</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1410">#1410</a> from crate-ci/renovate/actions-setup-python-6.x</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/07d900b8fa1097806b8adb6391b0d3e0ac2fdea7...626c4bedb751ce0b7f03262ca97ddda9a076ae1c">compare view</a></li> </ul> </details> <br /> Updates `peter-evans/repository-dispatch` from 4.0.0 to 4.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/repository-dispatch/releases">peter-evans/repository-dispatch's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump peter-evans/repository-dispatch from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/428">peter-evans/repository-dispatch#428</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.127 to 18.19.129 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/429">peter-evans/repository-dispatch#429</a></li> <li>build(deps): bump the github-actions group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/431">peter-evans/repository-dispatch#431</a></li> <li>build(deps-dev): bump <code>@types/node</code> from 18.19.129 to 18.19.130 in the npm group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/432">peter-evans/repository-dispatch#432</a></li> <li>Fix node version in actions.yml by <a href="https://github.com/peter-evans"><code>@peter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/repository-dispatch/pull/433">peter-evans/repository-dispatch#433</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/repository-dispatch/compare/v4.0.0...v4.0.1">https://github.com/peter-evans/repository-dispatch/compare/v4.0.0...v4.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/28959ce8df70de7be546dd1250a005dd32156697"><code>28959ce</code></a> Fix node version in actions.yml (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/433">#433</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/25d29c2bbf9b1fd1e3e924e485d754498fdc84fd"><code>25d29c2</code></a> build(deps-dev): bump <code>@types/node</code> in the npm group (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/432">#432</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/830136c66487b256600fec7788578990092647bc"><code>830136c</code></a> build(deps): bump the github-actions group with 3 updates (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/431">#431</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/2c856c63feddee6147cab2f38801935b6a59a765"><code>2c856c6</code></a> ci: update dependabot config</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/66739071c2122a05106fc2a2c306fdaf33bb9cda"><code>6673907</code></a> build(deps-dev): bump <code>@types/node</code> from 18.19.127 to 18.19.129 (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/429">#429</a>)</li> <li><a href="https://github.com/peter-evans/repository-dispatch/commit/952a211c1efd1abc91cf289f80655b4692ba8cff"><code>952a211</code></a> build(deps): bump peter-evans/repository-dispatch from 3 to 4 (<a href="https://redirect.github.com/peter-evans/repository-dispatch/issues/428">#428</a>)</li> <li>See full diff in <a href="https://github.com/peter-evans/repository-dispatch/compare/5fc4efd1a4797ddb68ffd0714a238564e4cc0e6f...28959ce8df70de7be546dd1250a005dd32156697">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.2 to 4.31.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <h2>3.30.6 - 02 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.2. <a href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li> </ul> <h2>3.30.5 - 26 Sep 2025</h2> <ul> <li>We fixed a bug that was introduced in <code>3.30.4</code> with <code>upload-sarif</code> which resulted in files without a <code>.sarif</code> extension not getting uploaded. <a href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li> </ul> <h2>3.30.4 - 25 Sep 2025</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/014f16e7ab1402f30e7c3329d33797e7948572db"><code>014f16e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3293">#3293</a> from github/update-v4.31.3-8c10e89c7</li> <li><a href="https://github.com/github/codeql-action/commit/14d898ef09787f3258d7542ed62ad3da38295b68"><code>14d898e</code></a> Update changelog for v4.31.3</li> <li><a href="https://github.com/github/codeql-action/commit/8c10e89c78c754f211c440ce6999ed8668811c3b"><code>8c10e89</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3288">#3288</a> from github/update-bundle/codeql-bundle-v2.23.5</li> <li><a href="https://github.com/github/codeql-action/commit/9777b01a4952c6266ad795197c2dd702065a6d19"><code>9777b01</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.23.5</li> <li><a href="https://github.com/github/codeql-action/commit/456a74a6faf33b08baa780e0bf31b41fabd1ca35"><code>456a74a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3289">#3289</a> from github/mbg/ci/setup-dotnet</li> <li><a href="https://github.com/github/codeql-action/commit/3fac49c14012959fab197865a1813bffe8a04dd1"><code>3fac49c</code></a> Update remaining workflows</li> <li><a href="https://github.com/github/codeql-action/commit/38a3a7258f252b705a070bd91df7a72a50d61318"><code>38a3a72</code></a> Enable <code>installDotNet</code> in all workflows that analyse C#</li> <li><a href="https://github.com/github/codeql-action/commit/58c9eb6c034b7054387301aa21926d94da049b69"><code>58c9eb6</code></a> Add <code>global.json</code></li> <li><a href="https://github.com/github/codeql-action/commit/f20e02164a8bd2f32913932752d67ee2bbf22246"><code>f20e021</code></a> Add support for adding <code>setup-dotnet</code> steps to <code>sync.sh</code></li> <li><a href="https://github.com/github/codeql-action/commit/8d3d4001e38901ebbee39c134163b67198c956f7"><code>8d3d400</code></a> Add changelog note</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/0499de31b99561a6d14a36a5f662c2a54f91beee...014f16e7ab1402f30e7c3329d33797e7948572db">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-17 12:19:23 +00:00
dependabot[bot]	4cbba17f10	ci: bump the github-actions group with 3 updates (#20703 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [Mattraks/delete-workflow-runs](https://github.com/mattraks/delete-workflow-runs). Updates `step-security/harden-runner` from 2.13.1 to 2.13.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.2</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.</li> <li>Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2">https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/95d9a5deda9de15063e7595e9719c11c38c90ae2"><code>95d9a5d</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/606">#606</a> from step-security/rc-28</li> <li><a href="https://github.com/step-security/harden-runner/commit/87e429d3fb470bcc827f338e5cce1155ff99c6eb"><code>87e429d</code></a> Update limitations.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/ef891c3a30c3c15c2287ce04b33ec28b6d90a447"><code>ef891c3</code></a> feat: add support for custom vm image</li> <li><a href="https://github.com/step-security/harden-runner/commit/1fa8c8a8b1b523829fe596bfc665d2bc4c0ef835"><code>1fa8c8a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/92c522aaa6f53af082553dedc1596c80b71aba33"><code>92c522a</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/593">#593</a> from step-security/ak-readme-updates</li> <li><a href="https://github.com/step-security/harden-runner/commit/4719ad5578c61961f4f70f833580278dea5544de"><code>4719ad5</code></a> README updates</li> <li><a href="https://github.com/step-security/harden-runner/commit/4fde639ab437b75bf4ecb52bbddb23ab0ac00259"><code>4fde639</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/591">#591</a> from eromosele-stepsecurity/Upd</li> <li><a href="https://github.com/step-security/harden-runner/commit/f682f2f2d06275b6ab30c2a973c1de2fa120e134"><code>f682f2f</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...95d9a5deda9de15063e7595e9719c11c38c90ae2">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 0ff001de0805038ff3f118de4875002200057732 to 70069877f29101175ed2b055d210fe8b1d54d7d7 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/70069877f29101175ed2b055d210fe8b1d54d7d7"><code>7006987</code></a> chore(deps): bump <code>@octokit/rest</code> from 22.0.0 to 22.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2705">#2705</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5df1bad3a527ede089326306d1296297ab0d58d2"><code>5df1bad</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.9.2 to 24.10.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2707">#2707</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/0ff001de0805038ff3f118de4875002200057732...70069877f29101175ed2b055d210fe8b1d54d7d7">compare view</a></li> </ul> </details> <br /> Updates `Mattraks/delete-workflow-runs` from 86d29a75093353c4c509a876c176234037c2025b to 5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7"><code>5bf9a1d</code></a> Bug Fixes</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/63b223f231f2f5bbea217100ec6d29ab24faa7a1"><code>63b223f</code></a> Supports daily retention keep a minimum number of runs per day</li> <li>See full diff in <a href="https://github.com/mattraks/delete-workflow-runs/compare/86d29a75093353c4c509a876c176234037c2025b...5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-10 14:05:16 +00:00
dependabot[bot]	a1161b79a7	ci: bump the github-actions group with 7 updates (#20498 ) Bumps the github-actions group with 7 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.6.2` \| `5.0.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.3.0` \| `13.3.2` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `5.0.0` \| `6.0.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449` \| `dbf178ceecb9304128c8e0648591d71208c6e2c9` \| \| [nixbuild/nix-quick-install-action](https://github.com/nixbuild/nix-quick-install-action) \| `33` \| `34` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `4.30.9` \| `4.31.0` \| \| [Mattraks/delete-workflow-runs](https://github.com/mattraks/delete-workflow-runs) \| `2.0.6` \| `2.1.0` \| Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README.md by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v5.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/734">actions/upload-artifact#734</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v5.0.0">https://github.com/actions/upload-artifact/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/330a01c490aca151604b8cf639adc76d48f6c5d4"><code>330a01c</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/734">#734</a> from actions/danwkennedy/prepare-5.0.0</li> <li><a href="https://github.com/actions/upload-artifact/commit/03f282445299bbefc96171af272a984663b63a26"><code>03f2824</code></a> Update <code>github.dep.yml</code></li> <li><a href="https://github.com/actions/upload-artifact/commit/905a1ecb5915b264cbc519e4eb415b5d82916018"><code>905a1ec</code></a> Prepare <code>v5.0.0</code></li> <li><a href="https://github.com/actions/upload-artifact/commit/2d9f9cdfa99fedaddba68e9b5b5c281eca26cc63"><code>2d9f9cd</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/725">#725</a> from patrikpolyak/patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/9687587dec67f2a8bc69104e183d311c42af6d6f"><code>9687587</code></a> Merge branch 'main' into patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/2848b2cda0e5190984587ec6bb1f36730ca78d50"><code>2848b2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/727">#727</a> from danwkennedy/patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/9b511775fd9ce8c5710b38eea671f856de0e70a7"><code>9b51177</code></a> Spell out the first use of GHES</li> <li><a href="https://github.com/actions/upload-artifact/commit/cd231ca1eda77976a84805c4194a1954f56b0727"><code>cd231ca</code></a> Update GHES guidance to include reference to Node 20 version</li> <li><a href="https://github.com/actions/upload-artifact/commit/de65e23aa2b7e23d713bb51fbfcb6d502f8667d8"><code>de65e23</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/712">#712</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/8747d8cd7632611ad6060b528f3e0f654c98869c"><code>8747d8c</code></a> Update README.md</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...330a01c490aca151604b8cf639adc76d48f6c5d4">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.0 to 13.3.2 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/bc2d84ad2b60813a67d995c5582d696104a19383"><code>bc2d84a</code></a> v13.3.2</li> <li><a href="https://github.com/chromaui/action/commit/1c807fb41f4db007b022d0806c09a94dce7b5ff6"><code>1c807fb</code></a> v13.3.1</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4ffe736a2a8262ea28067ff05a13b635ba31ec05...bc2d84ad2b60813a67d995c5582d696104a19383">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <p><strong>BREAKING CHANGE:</strong> this update supports Node <code>v24.x</code>. This is not a breaking change per-se but we're treating it as such.</p> <ul> <li>Update README for download-artifact v5 changes by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/417">actions/download-artifact#417</a></li> <li>Update README with artifact extraction details by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/424">actions/download-artifact#424</a></li> <li>Readme: spell out the first use of GHES by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> <li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li> <li>Prepare <code>v6.0.0</code> by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/438">actions/download-artifact#438</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/431">actions/download-artifact#431</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v5...v6.0.0">https://github.com/actions/download-artifact/compare/v5...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53"><code>018cc2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/438">#438</a> from actions/danwkennedy/prepare-6.0.0</li> <li><a href="https://github.com/actions/download-artifact/commit/815651c680ffe1c95719d0ed08aba1a2f9d5c177"><code>815651c</code></a> Revert "Remove <code>github.dep.yml</code>"</li> <li><a href="https://github.com/actions/download-artifact/commit/bb3a066a8babc8ed7b3e4218896c548fe34e7115"><code>bb3a066</code></a> Remove <code>github.dep.yml</code></li> <li><a href="https://github.com/actions/download-artifact/commit/fa1ce46bbd11b8387539af12741055a76dfdf804"><code>fa1ce46</code></a> Prepare <code>v6.0.0</code></li> <li><a href="https://github.com/actions/download-artifact/commit/4a24838f3d5601fd639834081e118c2995d51e1c"><code>4a24838</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/431">#431</a> from danwkennedy/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/5e3251c4ff5a32e4cf8dd4adaee0e692365237ae"><code>5e3251c</code></a> Readme: spell out the first use of GHES</li> <li><a href="https://github.com/actions/download-artifact/commit/abefc31eafcfbdf6c5336127c1346fdae79ff41c"><code>abefc31</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/424">#424</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/ac43a6070aa7db8a41e756e7a2846221edca7027"><code>ac43a60</code></a> Update README with artifact extraction details</li> <li><a href="https://github.com/actions/download-artifact/commit/de96f4613b77ec03b5cf633e7c350c32bd3c5660"><code>de96f46</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/417">#417</a> from actions/yacaovsnc/update_readme</li> <li><a href="https://github.com/actions/download-artifact/commit/7993cb44e9052f2f08f9b828ae5ef3ecca7d2ac7"><code>7993cb4</code></a> Remove migration guide for artifact download changes</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/634f93cb2916e3fdff6788551b99b062d0335ce0...018cc2cf5baa6db3ef3c5f8a56943fffe632ef53">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449 to dbf178ceecb9304128c8e0648591d71208c6e2c9 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/dbf178ceecb9304128c8e0648591d71208c6e2c9"><code>dbf178c</code></a> chore(deps): bump actions/setup-node from 5.0.0 to 6.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2690">#2690</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/19002623031eba72900680c5deed5ee6333dbc12"><code>1900262</code></a> chore(deps): bump github/codeql-action from 3.30.6 to 4.30.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2693">#2693</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/27e5d78f9b6a61e3160a2fe263cca91675c08fa0"><code>27e5d78</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.6.2 to 24.9.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2695">#2695</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449...dbf178ceecb9304128c8e0648591d71208c6e2c9">compare view</a></li> </ul> </details> <br /> Updates `nixbuild/nix-quick-install-action` from 33 to 34 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nixbuild/nix-quick-install-action/releases">nixbuild/nix-quick-install-action's releases</a>.</em></p> <blockquote> <h2>nixbuild/nix-quick-install-action@v34</h2> <h2>Changes</h2> <ul> <li> <p>Update Nix versions: 2.31.0 -> 2.31.2, 2.30.0 -> 2.30.3, 2.29.1 -> 2.29.2, 2.28.4 -> 2.28.5.</p> </li> <li> <p>Bump default Nix version: 2.29.1 -> 2.29.2</p> </li> </ul> <h2>Supported Nix Versions on x86_64-linux runners</h2> <ul> <li>2.31.2</li> <li>2.30.3</li> <li>2.29.2</li> <li>2.28.5</li> <li>2.26.4</li> <li>2.24.15</li> <li>2.3.18</li> </ul> <h2>Supported Nix Versions on aarch64-linux runners</h2> <ul> <li>2.31.2</li> <li>2.30.3</li> <li>2.29.2</li> <li>2.28.5</li> <li>2.26.4</li> <li>2.24.15</li> </ul> <h2>Supported Nix Versions on x86_64-darwin runners</h2> <ul> <li>2.31.2</li> <li>2.30.3</li> <li>2.29.2</li> <li>2.28.5</li> <li>2.26.4</li> <li>2.24.15</li> <li>2.3.18</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nixbuild/nix-quick-install-action/blob/master/RELEASE">nixbuild/nix-quick-install-action's changelog</a>.</em></p> <blockquote> <p>v34</p> <h2>Changes</h2> <ul> <li> <p>Update Nix versions: 2.31.0 -> 2.31.2, 2.30.0 -> 2.30.3, 2.29.1 -> 2.29.2, 2.28.4 -> 2.28.5.</p> </li> <li> <p>Bump default Nix version: 2.29.1 -> 2.29.2</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/2c9db80fb984ceb1bcaa77cdda3fdf8cfba92035"><code>2c9db80</code></a> Release v34</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/6dd8039259767bef94d598f79b506a92ee991ff8"><code>6dd8039</code></a> ci: Fix versions</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/a7214c23df4e59da80e6e71503e1f766444fb1e2"><code>a7214c2</code></a> Fix default version</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/efda085bcade238a03bdbd41f224f08d4ef362e9"><code>efda085</code></a> Bump Nix versions</li> <li><a href="https://github.com/nixbuild/nix-quick-install-action/commit/b644e5e09df2afc194ad86b2a8467b701d15c606"><code>b644e5e</code></a> Update README and workflows for v33</li> <li>See full diff in <a href="https://github.com/nixbuild/nix-quick-install-action/compare/1f095fee853b33114486cfdeae62fa099cda35a9...2c9db80fb984ceb1bcaa77cdda3fdf8cfba92035">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.30.9 to 4.31.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <h2>3.30.6 - 02 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.2. <a href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li> </ul> <h2>3.30.5 - 26 Sep 2025</h2> <ul> <li>We fixed a bug that was introduced in <code>3.30.4</code> with <code>upload-sarif</code> which resulted in files without a <code>.sarif</code> extension not getting uploaded. <a href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li> </ul> <h2>3.30.4 - 25 Sep 2025</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> <li>We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. <a href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li> <li>You can now run the latest CodeQL nightly bundle by passing <code>tools: nightly</code> to the <code>init</code> action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li> <li>Update default CodeQL bundle version to 2.23.1. <a href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li> </ul> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/4e94bd11f71e507f7f87df81788dff88d1dacbfb"><code>4e94bd1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3235">#3235</a> from github/update-v4.31.0-1d36546c1</li> <li><a href="https://github.com/github/codeql-action/commit/8f11182164f2181cc5608a575e3c7ef3bc4a9cd1"><code>8f11182</code></a> Update changelog for v4.31.0</li> <li><a href="https://github.com/github/codeql-action/commit/1d36546c1419dc613cdb4b7fde46b1c81643ccbe"><code>1d36546</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3234">#3234</a> from github/mbg/changelog/post-processing</li> <li><a href="https://github.com/github/codeql-action/commit/08ada26e6a4768939d6da6a5e23ae69052948fd7"><code>08ada26</code></a> Add changelog entry for post-processing change</li> <li><a href="https://github.com/github/codeql-action/commit/b843cbeed03550ed4937992fa96258262e955178"><code>b843cbe</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3233">#3233</a> from github/mbg/getOptionalEnvVar</li> <li><a href="https://github.com/github/codeql-action/commit/1ecd56391940567d00fd07e34b4ca7b75dadd92a"><code>1ecd563</code></a> Use <code>getOptionalEnvVar</code> in <code>writePostProcessedFiles</code></li> <li><a href="https://github.com/github/codeql-action/commit/e57680792076a32e6f147ccf58374517ea645a31"><code>e576807</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3223">#3223</a> from github/henrymercer/bump-minimum</li> <li><a href="https://github.com/github/codeql-action/commit/ad3567666919ea4249d02a26c230ea8e0daef410"><code>ad35676</code></a> Add <code>getOptionalEnvVar</code> function</li> <li><a href="https://github.com/github/codeql-action/commit/d75645b13f453e29a7f3c3f316babb725e644d0a"><code>d75645b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3222">#3222</a> from github/mbg/upload-lib/post-process</li> <li><a href="https://github.com/github/codeql-action/commit/710606cc35e2444ba84bdf7702dcb481f7380ae7"><code>710606c</code></a> Check that <code>outputPath</code> is non-empty</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/16140ae1a102900babc80a33c44059580f687047...4e94bd11f71e507f7f87df81788dff88d1dacbfb">compare view</a></li> </ul> </details> <br /> Updates `Mattraks/delete-workflow-runs` from 2.0.6 to 2.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mattraks/delete-workflow-runs/releases">Mattraks/delete-workflow-runs's releases</a>.</em></p> <blockquote> <h2>v2.1.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md with contents: read permission by <a href="https://github.com/jonaslindstr"><code>@jonaslindstr</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/19">Mattraks/delete-workflow-runs#19</a></li> <li>Deletes workflow runs that do not have an existing workflow by <a href="https://github.com/watercable76"><code>@watercable76</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/20">Mattraks/delete-workflow-runs#20</a></li> <li>Quick note about GHE <code>baseUrl</code> config by <a href="https://github.com/kquinsland"><code>@kquinsland</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/32">Mattraks/delete-workflow-runs#32</a></li> <li>Added try/catch blocks to catch each error individually by <a href="https://github.com/marcelovani"><code>@marcelovani</code></a> in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/35">Mattraks/delete-workflow-runs#35</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jonaslindstr"><code>@jonaslindstr</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/19">Mattraks/delete-workflow-runs#19</a></li> <li><a href="https://github.com/watercable76"><code>@watercable76</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/20">Mattraks/delete-workflow-runs#20</a></li> <li><a href="https://github.com/kquinsland"><code>@kquinsland</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/32">Mattraks/delete-workflow-runs#32</a></li> <li><a href="https://github.com/marcelovani"><code>@marcelovani</code></a> made their first contribution in <a href="https://redirect.github.com/Mattraks/delete-workflow-runs/pull/35">Mattraks/delete-workflow-runs#35</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Mattraks/delete-workflow-runs/compare/v2.0.6...v2.1.0">https://github.com/Mattraks/delete-workflow-runs/compare/v2.0.6...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/ab482449ba468316e9a8801e092d0405715c5e6d"><code>ab48244</code></a> version v2.1.0</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/feeb82053ea847a97fe4ee2aa314c94eac0eff04"><code>feeb820</code></a> Undo previous changes.</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/c61e04ec70740b989bdb168af9c948f2172856d8"><code>c61e04e</code></a> Added another try/catch block</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/f93a693640fbced9f6b9026397406572c0dddcec"><code>f93a693</code></a> Added another try/catch block</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/f40e9cd01093f8470cb92e70a971329a1c6b5ca1"><code>f40e9cd</code></a> Removed condition that is limiting deletion</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/0a28a6b9d4f62e5b211056ceead85cc6776403eb"><code>0a28a6b</code></a> Display debug messages</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/cb572387c439bdadffcac5fdba1f5fae3374309f"><code>cb57238</code></a> Display all workflows</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/8859caa93697386bdb136521cca778eb9427e800"><code>8859caa</code></a> Quick note about GHE <code>baseUrl</code> config</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/4c9f24749b7996562658e3d6e10662489e22caca"><code>4c9f247</code></a> Added better check to verify runs to be deleted, and some logging</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/20682956720600a468c346b81c1965bfc2312d70"><code>2068295</code></a> Deletes workflow runs that do not have an existing workflow</li> <li>Additional commits viewable in <a href="https://github.com/mattraks/delete-workflow-runs/compare/39f0bbed25d76b34de5594dceab824811479e5de...ab482449ba468316e9a8801e092d0405715c5e6d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-10-27 12:25:24 +00:00
dependabot[bot]	f947a34103	ci: bump the github-actions group across 1 directory with 15 updates (#20384 ) Co-authored-by: github-actions[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: M Atif Ali <atif@coder.com> Co-authored-by: Ethan Dickson <ethan@coder.com>	2025-10-24 16:06:44 +05:00
dependabot[bot]	32b72bf571	ci: bump the github-actions group with 3 updates (#19824 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.13.0 to 2.13.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.1</h2> <h2>What's Changed</h2> <ul> <li> <p>Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.</p> </li> <li> <p>Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.</p> </li> <li> <p>Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.</p> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1">https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a"><code>f4a75cf</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/588">#588</a> from step-security/rc-26</li> <li><a href="https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda"><code>95503d0</code></a> ci: remove code-review workflow</li> <li><a href="https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4"><code>4b250a0</code></a> ci: add job to confirm dist is as expected</li> <li><a href="https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b"><code>5b0ab6a</code></a> update dependencies</li> <li><a href="https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366"><code>d11f2c1</code></a> fix bug where status code was not being preserved</li> <li><a href="https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5"><code>b3fc98e</code></a> improve error handling for policy store sceanrio</li> <li><a href="https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f"><code>92fc5d4</code></a> update error message</li> <li><a href="https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4"><code>b61b0a4</code></a> policy store improvements</li> <li><a href="https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577"><code>e3d3f2b</code></a> use GitHub release instead of packages</li> <li><a href="https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a"><code>646ac01</code></a> update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 to 1ac60965030588f3b867cdd4a3900f37ec99970c <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/1ac60965030588f3b867cdd4a3900f37ec99970c"><code>1ac6096</code></a> Upgraded to v47 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2663">#2663</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/24d32ffd492484c1d75e0c0b894501ddb9d30d62"><code>24d32ff</code></a> upgrade: to node24 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2662">#2662</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea"><code>9a67555</code></a> chore(deps-dev): bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95"><code>b67e30d</code></a> chore(deps): bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824"><code>62aef42</code></a> chore(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3"><code>e874f3c</code></a> chore(deps): bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/8c14441336bb3d84fd6b7fa83b6d7201c740baf5...1ac60965030588f3b867cdd4a3900f37ec99970c">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.30.1 to 3.30.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.30.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.30.2</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.2/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> <li>We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. <a href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li> </ul> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <h2>3.30.1 - 05 Sep 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.0. <a href="https://redirect.github.com/github/codeql-action/pull/3077">#3077</a></li> </ul> <h2>3.30.0 - 01 Sep 2025</h2> <ul> <li>Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. <a href="https://redirect.github.com/github/codeql-action/pull/3054">#3054</a></li> </ul> <h2>3.29.11 - 21 Aug 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.4. <a href="https://redirect.github.com/github/codeql-action/pull/3044">#3044</a></li> </ul> <h2>3.29.10 - 18 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.9 - 12 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/192325c86100d080feab897ff886c34abd4c83a3"><code>192325c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3104">#3104</a> from github/update-v3.30.3-b660efdcf</li> <li><a href="https://github.com/github/codeql-action/commit/e68956d90b7fe2260904652cd8de5d73563e4944"><code>e68956d</code></a> Update changelog for v3.30.3</li> <li><a href="https://github.com/github/codeql-action/commit/b660efdcfdfa893d74568cd884067ed18e8d6f88"><code>b660efd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3103">#3103</a> from github/mbg/fix/category-check</li> <li><a href="https://github.com/github/codeql-action/commit/e49458befe579c5a1088aacda9f2ae384da104ff"><code>e49458b</code></a> Fix <code>runInterpretResultsFor</code> using the wrong <code>AnalysisConfig</code> for <code>category</code> fix</li> <li><a href="https://github.com/github/codeql-action/commit/f374a62c8bedef779582aeb425a68f7798f2078c"><code>f374a62</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3098">#3098</a> from github/kaspersv/increase-overlay-base-size-limit</li> <li><a href="https://github.com/github/codeql-action/commit/5efa438e92992578d794ae4ceed960bf81011677"><code>5efa438</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3101">#3101</a> from github/mbg/public-repo-notice-in-pr-template</li> <li><a href="https://github.com/github/codeql-action/commit/8a84a62542ea24fd569eb5afdfb2507c25328ab9"><code>8a84a62</code></a> Overlay: Increase size limit for cached overlay base database</li> <li><a href="https://github.com/github/codeql-action/commit/eb50a881d87eb8488328fefe024ae2f6add8384f"><code>eb50a88</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3097">#3097</a> from github/redsun82/only-dump-sarif</li> <li><a href="https://github.com/github/codeql-action/commit/4c534612bf77788909753a5602e96710156f5758"><code>4c53461</code></a> Tweak sarif dump log</li> <li><a href="https://github.com/github/codeql-action/commit/dae3742b0a3b9e08acc580e15ef74bdc454d650a"><code>dae3742</code></a> Dump soon to be uploaded SARIF on request</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/f1f6e5f6af878fb37288ce1c627459e94dbf7d01...192325c86100d080feab897ff886c34abd4c83a3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-15 12:40:44 +00:00
dependabot[bot]	0b460b8d95	ci: bump the github-actions group across 1 directory with 16 updates (#19736 ) Bumps the github-actions group with 16 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.3.0` \| `5.0.0` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.35.3` \| `1.36.2` \| \| [azure/setup-helm](https://github.com/azure/setup-helm) \| `4.3.0` \| `4.3.1` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.1.3` \| `13.1.4` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.7.1` \| `5.0.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.12` \| `3.0.0` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.2.0` \| `3.0.1` \| \| [actions/attest](https://github.com/actions/attest) \| `2.4.0` \| `3.0.0` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.4` \| `3.0.0` \| \| [actions/github-script](https://github.com/actions/github-script) \| `7.0.1` \| `8.0.0` \| \| [depot/build-push-action](https://github.com/depot/build-push-action) \| `1.15.0` \| `1.16.2` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` \| `8c14441336bb3d84fd6b7fa83b6d7201c740baf5` \| \| [nixbuild/nix-quick-install-action](https://github.com/nixbuild/nix-quick-install-action) \| `32` \| `33` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.8` \| `3.30.1` \| \| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) \| `0.32.0` \| `0.33.1` \| \| [actions/stale](https://github.com/actions/stale) \| `9.1.0` \| `10.0.0` \| Updates `actions/checkout` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...08c6903cd8c0fde910a37f88322edcfb5dd907a8">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.35.3 to 1.36.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.36.2</h2> <h2>[1.36.2] - 2025-09-04</h2> <h3>Fixes</h3> <ul> <li>Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8</li> </ul> <h2>v1.36.1</h2> <h2>[1.36.1] - 2025-09-03</h2> <h3>Fixes</h3> <ul> <li>Replaced the error rendering for various quality of life improvements</li> </ul> <h2>v1.36.0</h2> <h2>[1.36.0] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1345">August 2025</a> changes</li> </ul> <h2>v1.35.8</h2> <h2>[1.35.8] - 2025-09-02</h2> <h2>v1.35.7</h2> <h2>[1.35.7] - 2025-08-29</h2> <h3>Documentation</h3> <ul> <li>Expand PyPI metadata</li> </ul> <h2>v1.35.6</h2> <h2>[1.35.6] - 2025-08-28</h2> <h3>Fixes</h3> <ul> <li>Track <code>go.mod</code> as a golang file (regression from 1.13.21)</li> </ul> <h2>v1.35.5</h2> <h2>[1.35.5] - 2025-08-18</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>accidently</code></li> <li>Fix typo in correction to <code>dynamincally</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>messager</code></li> <li>Fix typo in correction to <code>preferables</code></li> <li>Fix typo in correction to <code>producibles</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.36.2] - 2025-09-04</h2> <h3>Fixes</h3> <ul> <li>Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8</li> </ul> <h2>[1.36.1] - 2025-09-03</h2> <h3>Fixes</h3> <ul> <li>Replaced the error rendering for various quality of life improvements</li> </ul> <h2>[1.36.0] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1345">August 2025</a> changes</li> </ul> <h2>[1.35.8] - 2025-09-02</h2> <h2>[1.35.7] - 2025-08-29</h2> <h3>Documentation</h3> <ul> <li>Expand PyPI metadata</li> </ul> <h2>[1.35.6] - 2025-08-28</h2> <h3>Fixes</h3> <ul> <li>Track <code>go.mod</code> as a golang file (regression from 1.13.21)</li> </ul> <h2>[1.35.5] - 2025-08-18</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>accidently</code></li> <li>Fix typo in correction to <code>dynamincally</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>messager</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/85f62a8a84f939ae994ab3763f01a0296d61a7ee"><code>85f62a8</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/6f26306a9140281f8f46294118abc2b5cf88a04d"><code>6f26306</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/6bd8b39b57af405b681ed2d7d563f5cdf788388f"><code>6bd8b39</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1374">#1374</a> from epage/invalid</li> <li><a href="https://github.com/crate-ci/typos/commit/f5e19d303814c9192cf68dba44e25b470ef29461"><code>f5e19d3</code></a> fix(cli): Don't panic with invalid utf-8</li> <li><a href="https://github.com/crate-ci/typos/commit/5062775d92cab861376d135b425089eba7bb719d"><code>5062775</code></a> test(cli): Generalize utf16 tests</li> <li><a href="https://github.com/crate-ci/typos/commit/b6297a6a5072df106aa9d94197f5d0533a9730bc"><code>b6297a6</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/e6d718928a2978481771e814abdc731cb904c980"><code>e6d7189</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/1bf1ed2584d38a3d8f47e0715013e092bdda3cec"><code>1bf1ed2</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1372">#1372</a> from epage/render</li> <li><a href="https://github.com/crate-ci/typos/commit/9e79b8d2c636476c043d040ddaa0413ad065f28b"><code>9e79b8d</code></a> refactor(cli): Give control over the whole group</li> <li><a href="https://github.com/crate-ci/typos/commit/a5fa6034532da62881f747a74e2bbc1f58886265"><code>a5fa603</code></a> refactor(cli): Extract snippet creation</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/52bd719c2c91f9d676e2aa359fc8e0db8925e6d8...85f62a8a84f939ae994ab3763f01a0296d61a7ee">compare view</a></li> </ul> </details> <br /> Updates `azure/setup-helm` from 4.3.0 to 4.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/azure/setup-helm/releases">azure/setup-helm's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/167">#167</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/167">Pinning Action Dependencies for Security and Reliability</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/181">#181</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/181">Fix types, and update node version.</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/191">chore(tests): Mock arch to make tests pass on arm host</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/192">chore: remove unnecessary prebuild script</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/203">Update helm version retrieval to use JSON output for latest version</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/207">ci(workflows): update helm version to v3.18.4 and add matrix for tests</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/197">#197</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/197">Add pre-commit hook</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md">azure/setup-helm's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <h2>[4.3.1] - 2025-08-12</h2> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/167">#167</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/167">Pinning Action Dependencies for Security and Reliability</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/181">#181</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/181">Fix types, and update node version.</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/191">chore(tests): Mock arch to make tests pass on arm host</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/192">chore: remove unnecessary prebuild script</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/203">Update helm version retrieval to use JSON output for latest version</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/207">ci(workflows): update helm version to v3.18.4 and add matrix for tests</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/197">#197</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/197">Add pre-commit hook</a></li> </ul> <h2>[4.3.0] - 2025-02-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a> feat: log when restoring from cache</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a> Dependencies Update</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a> Add dependabot</li> </ul> <h2>[4.2.0] - 2024-04-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/124">#124</a> Fix OS detection and download OS-native archive extension</li> </ul> <h2>[4.1.0] - 2024-03-01</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/130">#130</a> switches to use Helm published file to read latest version instead of using GitHub releases</li> </ul> <h2>[4.0.0] - 2024-02-12</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/121">#121</a> update to node20 as node16 is deprecated</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Azure/setup-helm/commit/1a275c3b69536ee54be43f2070a358922e12c8d4"><code>1a275c3</code></a> build</li> <li><a href="https://github.com/Azure/setup-helm/commit/9e7f762d6f65c7a11db6cd4eadcf3c602b273f47"><code>9e7f762</code></a> chore(release): v4.3.1 (<a href="https://redirect.github.com/azure/setup-helm/issues/208">#208</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/c096176d63fc5e293d360dd405e4b9ab2ddadccd"><code>c096176</code></a> Bump <code>@types/node</code> from 24.1.0 to 24.2.1 in the actions group (<a href="https://redirect.github.com/azure/setup-helm/issues/206">#206</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/5e7287287e0a62377e90be8d80c4e9520ad5676b"><code>5e72872</code></a> ci(workflows): update helm version to v3.18.4 and add matrix for tests (<a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/fb8fa4070642059a5ed2b5d02e2992422ebb5f09"><code>fb8fa40</code></a> Update default helm version to 3.18.3 (<a href="https://redirect.github.com/azure/setup-helm/issues/194">#194</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/0d097290a8b8242b9d9c3aae2628122e860fea32"><code>0d09729</code></a> chore: remove unnecessary prebuild script (<a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/32bc12022d790ee9f7033b2b57cd5c7c309e5333"><code>32bc120</code></a> chore(tests): Mock arch to make tests pass on arm host (<a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/51463d68e891cc6fcd306c1f61fce342582ac53b"><code>51463d6</code></a> Bump the actions group with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/205">#205</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/aff10941b250308c1eea3c6dd4a2e8602246ba0f"><code>aff1094</code></a> Bump the actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/204">#204</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/a10a5247d8e840d5e622e4e00cfc8b6103a9cafa"><code>a10a524</code></a> Update helm version retrieval to use JSON output for latest version (<a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a>)</li> <li>Additional commits viewable in <a href="https://github.com/azure/setup-helm/compare/b9e51907a09c216f16ebe8536097933489208112...1a275c3b69536ee54be43f2070a358922e12c8d4">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.1.3 to 13.1.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/d0795df816d05c4a89c80295303970fddd247cce"><code>d0795df</code></a> v13.1.4</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/58d9ffb36c90c97a02d061544ecc849cc4a242a9...d0795df816d05c4a89c80295303970fddd247cce">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.7.1 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p>Make sure your runner is updated to this version or newer to use this release. v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade Publish Immutable Action by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/798">actions/setup-java#798</a></li> <li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/730">actions/setup-java#730</a></li> <li>Upgrade undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/833">actions/setup-java#833</a></li> <li>Upgrade form-data to bring in fix for critical vulnerability by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/887">actions/setup-java#887</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/896">actions/setup-java#896</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li>Prevent default installation of JetBrains pre-releases by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/859">actions/setup-java#859</a></li> <li>Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v5.0.0">https://github.com/actions/setup-java/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/dded0888837ed1f317902acf8a20df0ad188d165"><code>dded088</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/setup-java/issues/896">#896</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/0913e9a06eb8b69c62db76aa61f580c2b3a5b4e0"><code>0913e9a</code></a> Upgrade to node 24 (<a href="https://redirect.github.com/actions/setup-java/issues/888">#888</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/e9343db97e09d87a3c50e544105d99fe912c204b"><code>e9343db</code></a> Bumps form-data (<a href="https://redirect.github.com/actions/setup-java/issues/887">#887</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ae2b61dbc685e60e4427b2e8ed4f0135c6ea8597"><code>ae2b61d</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/setup-java/issues/833">#833</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/c190c18febcf6c040d80b10ea201a05a2c320263"><code>c190c18</code></a> Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (<a href="https://redirect.github.com/actions/setup-java/issues/730">#730</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/67aec007b3fcabe15ca665bfccc1e255dd52e30d"><code>67aec00</code></a> Fix: prevent default installation of JetBrains pre-releases (<a href="https://redirect.github.com/actions/setup-java/issues/859">#859</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ebb356cc4e59bcf94f518203228485f5d40e4b58"><code>ebb356c</code></a> Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...</li> <li><a href="https://github.com/actions/setup-java/commit/f4f1212c880fdec8162ea9a6493f4495191887b4"><code>f4f1212</code></a> Update publish-immutable-actions.yml (<a href="https://redirect.github.com/actions/setup-java/issues/798">#798</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/c5195efecf7bdfc987ee8bae7a71cb8b11521c00...dded0888837ed1f317902acf8a20df0ad188d165">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.12 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump to Node 24 and remove old parameters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/508">google-github-actions/auth#508</a></li> <li>Remove hacky script by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/509">google-github-actions/auth#509</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/510">google-github-actions/auth#510</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2...v3.0.0">https://github.com/google-github-actions/auth/compare/v2...v3.0.0</a></p> <h2>v2.1.13</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/506">google-github-actions/auth#506</a></li> <li>Release: v2.1.13 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/507">google-github-actions/auth#507</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13">https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/7c6bc770dae815cd3e89ee6cdf493a5fab2cc093"><code>7c6bc77</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/auth/issues/510">#510</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/42e4997ee345eebb9d114030d0f9e9b47829ee80"><code>42e4997</code></a> Remove hacky script (<a href="https://redirect.github.com/google-github-actions/auth/issues/509">#509</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/5ea4dc11472eebb0a541812f1063c7d318adf57e"><code>5ea4dc1</code></a> Bump to Node 24 and remove old parameters (<a href="https://redirect.github.com/google-github-actions/auth/issues/508">#508</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/c200f3691d83b41bf9bbd8638997a462592937ed"><code>c200f36</code></a> Release: v2.1.13 (<a href="https://redirect.github.com/google-github-actions/auth/issues/507">#507</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/3a53be7e7cedfadb446e102fa59e97734b2ad238"><code>3a53be7</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/506">#506</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/b7593ed2efd1c1617e1b0254da33b86225adb2a5...7c6bc770dae815cd3e89ee6cdf493a5fab2cc093">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.2.0 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>Release: v3.0.1 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/729">google-github-actions/setup-gcloud#729</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v3.0.0...v3.0.1">https://github.com/google-github-actions/setup-gcloud/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li><strong>‼️ This release requires Node 24+!</strong></li> <li><strong>‼️ The <code>skip_tool_cache</code> option has been removed!</strong> Skipping the tool cache is now the default behavior. To restore the previous behavior of using the tool cache (which is unnecessary on GitHub managed runners, but may provide performance increases on self-hosted runners), set <code>cache: true</code>.</li> </ul> <hr /> <ul> <li>Bump to node24 by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/723">google-github-actions/setup-gcloud#723</a></li> <li>Do not use the tool-cache by default by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/724">google-github-actions/setup-gcloud#724</a></li> <li>Update to use v3 references by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/725">google-github-actions/setup-gcloud#725</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/726">google-github-actions/setup-gcloud#726</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.2.1...v3.0.0">https://github.com/google-github-actions/setup-gcloud/compare/v2.2.1...v3.0.0</a></p> <h2>v3</h2> <p>Floating v3 tag</p> <h2>v2.2.1</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/720">google-github-actions/setup-gcloud#720</a></li> <li>Bump to the latest actions-utils to fix the gen-readme bug by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/721">google-github-actions/setup-gcloud#721</a></li> <li>Release: v2.2.1 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/722">google-github-actions/setup-gcloud#722</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.2.1">https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/aa5489c8933f4cc7a4f7d45035b3b1440c9c10db"><code>aa5489c</code></a> Release: v3.0.1 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/729">#729</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/26f734c2779b00b7dda794207734c511110a4368"><code>26f734c</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/726">#726</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/d26df95ce13fba88a7c3f942b50bab0a6e17dc95"><code>d26df95</code></a> Update to use v3 references (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/725">#725</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/f7c29183d6310acc4d89a82a2e4a06374e259082"><code>f7c2918</code></a> Do not use the tool-cache by default (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/724">#724</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/6387e6954450355c9cd00e752f0b5e6a07078e1a"><code>6387e69</code></a> Bump to node24 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/723">#723</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/e427ad8a34f8676edf47cf7d7925499adf3eb74f"><code>e427ad8</code></a> Release: v2.2.1 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/722">#722</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/d71efb74bd86be0c5c0035758f8b5b9069ef835f"><code>d71efb7</code></a> Bump to the latest actions-utils to fix the gen-readme bug (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/721">#721</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/ed8ba68de5f95fc08e400796581a06a4acab88ae"><code>ed8ba68</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/720">#720</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/cb1e50a9932213ecece00a606661ae9ca44f3397...aa5489c8933f4cc7a4f7d45035b3b1440c9c10db">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.4.0 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump form-data from 4.0.0 to 4.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/266">actions/attest#266</a></li> <li>Bump <code>@sigstore/oci</code> from 0.5.0 to 0.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/271">actions/attest#271</a></li> <li>Upgrade to Node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> / <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/276">actions/attest#276</a></li> <li>Improved checksum parsing by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/280">actions/attest#280</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p>v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2.4.0...v3.0.0">https://github.com/actions/attest/compare/v2.4.0...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/daf44fb950173508f38bd2406030372c1d1162b1"><code>daf44fb</code></a> improved checksum parsing (<a href="https://redirect.github.com/actions/attest/issues/280">#280</a>)</li> <li><a href="https://github.com/actions/attest/commit/eda10f897a7c40837fe73266c10a25e1046b87ff"><code>eda10f8</code></a> Upgrade to Node 24 (<a href="https://redirect.github.com/actions/attest/issues/276">#276</a>)</li> <li><a href="https://github.com/actions/attest/commit/1e2321d2815b6c07c5479f3309d67a7698b091a1"><code>1e2321d</code></a> remove super-linter (<a href="https://redirect.github.com/actions/attest/issues/283">#283</a>)</li> <li><a href="https://github.com/actions/attest/commit/aecfe99586992ebf9c025e2fb6ebb78f4f445055"><code>aecfe99</code></a> Bump the npm-development group across 1 directory with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/282">#282</a>)</li> <li><a href="https://github.com/actions/attest/commit/03f25d860248eee1946e81e6ad8d2420e4de03f3"><code>03f25d8</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/273">#273</a>)</li> <li><a href="https://github.com/actions/attest/commit/0fca5a6fa3c943b77f214acb62a366c247a8469e"><code>0fca5a6</code></a> use absolute path in linter config (<a href="https://redirect.github.com/actions/attest/issues/275">#275</a>)</li> <li><a href="https://github.com/actions/attest/commit/238c03f77f9c851e5129d01004ff41fa0c755c35"><code>238c03f</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/attest/issues/272">#272</a>)</li> <li><a href="https://github.com/actions/attest/commit/9c3e2717a6a9e8eafa4f389f0874b682bcb6f052"><code>9c3e271</code></a> Bump <code>@sigstore/oci</code> from 0.5.0 to 0.6.0 (<a href="https://redirect.github.com/actions/attest/issues/271">#271</a>)</li> <li><a href="https://github.com/actions/attest/commit/b40d9fa17a9e7bc51fb727ac9b6dae3ea1da6fa3"><code>b40d9fa</code></a> Bump the npm-development group with 8 updates (<a href="https://redirect.github.com/actions/attest/issues/270">#270</a>)</li> <li><a href="https://github.com/actions/attest/commit/e831e0e28dfaff51bc0c846aef5bb4195609318f"><code>e831e0e</code></a> Bump form-data from 4.0.0 to 4.0.4 (<a href="https://redirect.github.com/actions/attest/issues/266">#266</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc...daf44fb950173508f38bd2406030372c1d1162b1">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.4 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump to Node 24 by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/339">google-github-actions/get-gke-credentials#339</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/340">google-github-actions/get-gke-credentials#340</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2...v3.0.0">https://github.com/google-github-actions/get-gke-credentials/compare/v2...v3.0.0</a></p> <h2>v2.3.5</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/337">google-github-actions/get-gke-credentials#337</a></li> <li>Release: v2.3.5 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/338">google-github-actions/get-gke-credentials#338</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.4...v2.3.5">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.4...v2.3.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/3da1e46a907576cefaa90c484278bb5b259dd395"><code>3da1e46</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/340">#340</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/a1565805d2a41ba5f23190da0a27b6c53ae74250"><code>a156580</code></a> Bump to Node 24 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/339">#339</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/64bc7249bbcf78056bb92f14d3cedc2da193946c"><code>64bc724</code></a> Release: v2.3.5 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/338">#338</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/9de2e29024e4aeff8cf37aaa326508267ea011fc"><code>9de2e29</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/337">#337</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/8e574c49425fa7efed1e74650a449bfa6a23308a...3da1e46a907576cefaa90c484278bb5b259dd395">compare view</a></li> </ul> </details> <br /> Updates `actions/github-script` from 7.0.1 to 8.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/github-script/releases">actions/github-script's releases</a>.</em></p> <blockquote> <h2>v8.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update Node.js version support to 24.x by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li>README for updating actions/github-script from v7 to v8 by <a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li><a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7.1.0...v8.0.0">https://github.com/actions/github-script/compare/v7.1.0...v8.0.0</a></p> <h2>v7.1.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade husky to v9 by <a href="https://github.com/benelan"><code>@benelan</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/486">actions/github-script#486</a></li> <li>Fix workflow status badges by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/497">actions/github-script#497</a></li> <li>Update usage of <code>actions/upload-artifact</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/512">actions/github-script#512</a></li> <li>Clear up package name confusion by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/514">actions/github-script#514</a></li> <li>Update dependencies with <code>npm audit fix</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/515">actions/github-script#515</a></li> <li>Specify that the used script is JavaScript by <a href="https://github.com/timotk"><code>@timotk</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li>chore: Add Dependabot for NPM and Actions by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/472">actions/github-script#472</a></li> <li>Define <code>permissions</code> in workflows and update actions by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/531">actions/github-script#531</a></li> <li>chore: Add Dependabot for .github/actions/install-dependencies by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/532">actions/github-script#532</a></li> <li>chore: Remove .vscode settings by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/533">actions/github-script#533</a></li> <li>ci: Use github/setup-licensed by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/473">actions/github-script#473</a></li> <li>make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by <a href="https://github.com/iamstarkov"><code>@iamstarkov</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li> <li>Remove <code>octokit</code> README updates for v7 by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/557">actions/github-script#557</a></li> <li>docs: add "exec" usage examples by <a href="https://github.com/neilime"><code>@neilime</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li> <li>Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/github-script/pull/563">actions/github-script#563</a></li> <li>Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/github-script/pull/575">actions/github-script#575</a></li> <li>Clearly document passing inputs to the <code>script</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/603">actions/github-script#603</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benelan"><code>@benelan</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li><a href="https://github.com/timotk"><code>@timotk</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li><a href="https://github.com/iamstarkov"><code>@iamstarkov</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li> <li><a href="https://github.com/neilime"><code>@neilime</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7...v7.1.0">https://github.com/actions/github-script/compare/v7...v7.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd"><code>ed59741</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/653">#653</a> from actions/sneha-krip/readme-for-v8</li> <li><a href="https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3"><code>2dc352e</code></a> Bold minimum Actions Runner version in README</li> <li><a href="https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1"><code>01e118c</code></a> Update README for Node 24 runtime requirements</li> <li><a href="https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b"><code>8b222ac</code></a> Apply suggestion from <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a></li> <li><a href="https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25"><code>adc0eea</code></a> README for updating actions/github-script from v7 to v8</li> <li><a href="https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425"><code>20fe497</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/637">#637</a> from actions/node24</li> <li><a href="https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164"><code>e7b7f22</code></a> update licenses</li> <li><a href="https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b"><code>2c81ba0</code></a> Update Node.js version support to 24.x</li> <li><a href="https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b"><code>f28e40c</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/610">#610</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3"><code>1ae9958</code></a> Update README.md</li> <li>Additional commits viewable in <a href="https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.15.0 to 1.16.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.16.2</h2> <h2>What's Changed</h2> <ul> <li>Use ubuntu-latest for release workflow (<a href="https://redirect.github.com/depot/build-push-action/issues/42">#42</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.16.1</h2> <h2>What's Changed</h2> <ul> <li>Update <code>@depot/actions-public-oidc-client</code> to v1.1.0 (<a href="https://redirect.github.com/depot/build-push-action/issues/41">#41</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.16.0</h2> <h2>What's Changed</h2> <ul> <li>Add support for annotations (<a href="https://redirect.github.com/depot/build-push-action/issues/38">#38</a>) <a href="https://github.com/zanieb"><code>@zanieb</code></a></li> <li>feat: add <code>save-tags</code> for multiple depot registry tags (<a href="https://redirect.github.com/depot/build-push-action/issues/40">#40</a>) <a href="https://github.com/goller"><code>@goller</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/9785b135c3c76c33db102e45be96a25ab55cd507"><code>9785b13</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/42">#42</a> from depot/latest</li> <li><a href="https://github.com/depot/build-push-action/commit/7a65e80415392c68bece25b0881703a9ff3e55c5"><code>7a65e80</code></a> Use ubuntu-latest for release workflow</li> <li><a href="https://github.com/depot/build-push-action/commit/0781b3393f28b17fe7982ea3fabe715825b35fad"><code>0781b33</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/41">#41</a> from depot/updates</li> <li><a href="https://github.com/depot/build-push-action/commit/d5d8e086fdcca080fa6279ece582eee909994026"><code>d5d8e08</code></a> Deduplicate dependencies</li> <li><a href="https://github.com/depot/build-push-action/commit/801feb102f76406603cd2a12b4146a7e5af86a34"><code>801feb1</code></a> Update <code>@depot/actions-public-oidc-client</code> to v1.1.0</li> <li><a href="https://github.com/depot/build-push-action/commit/0b7423b11016b0349604e22d7ea01b078bed6c70"><code>0b7423b</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/38">#38</a> from zanieb/zb/annotations</li> <li><a href="https://github.com/depot/build-push-action/commit/57a5fb2c1acdc2d3fa72bcd36b20f1ea326890de"><code>57a5fb2</code></a> Merge branch 'main' into zb/annotations</li> <li><a href="https://github.com/depot/build-push-action/commit/3ebc0d44eced926ba1bb3f8d1e29794031973ca1"><code>3ebc0d4</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/40">#40</a> from depot/feat/save-tags</li> <li><a href="https://github.com/depot/build-push-action/commit/d662c5a48fd5747bf4dce16d8484eb3ebf98ad2c"><code>d662c5a</code></a> feat: add <code>save-tags</code> for multiple depot registry tags</li> <li><a href="https://github.com/depot/build-push-action/commit/06fcbb73efc9fb42f4df83c43e283a2170c8f9cf"><code>06fcbb7</code></a> Add support for annotations</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/2583627a84956d07561420dcc1d0eb1f2af3fac0...9785b135c3c76c33db102e45be96a25ab55cd507">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 to 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5"><code>8c14441</code></a> chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b"><code>e995ac4</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9"><code>3b04099</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa"><code>e7b6c97</code></a> chore(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="h... _Description has been truncated_ Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-08 11:55:07 +00:00
Jon Ayers	252f7d461e	chore: pin dependencies in Dockerfiles (#19587 ) Fixes up some security issues related to lack of pinned dependencies	2025-08-27 18:41:28 -04:00
Dean Sheather	8d0bc485df	chore: add actionlint and zizmor linters (#19459 )	2025-08-21 22:14:43 +10:00
Jon Ayers	e99c33e0d1	chore: restrict who can make releases (#19326 ) This PR confines who can run the `Release` action to members with `maintain` or above	2025-08-12 23:43:28 -04:00
Ethan	fb8036a154	ci: fix gcp service accounts (#19312 ) Service accounts got deleted, oops	2025-08-12 22:02:56 +10:00
dependabot[bot]	cbcdda25dc	ci: bump the github-actions group with 8 updates (#19293 ) Bumps the github-actions group with 8 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.2.2` \| `4.3.0` \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.3` \| `4.2.4` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.34.0` \| `1.35.3` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.4.0` \| `3.5.0` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.1.5` \| `2.2.0` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.3.0` \| `5.0.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `c2ca2493190021783138cb8aac49bcee14b4bb89` \| `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.7` \| `3.29.8` \| Updates `actions/checkout` from 4.2.2 to 4.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08eba0b27e820071cde6df949e0beb9ba4906955"><code>08eba0b</code></a> Prepare release v4.3.0 (<a href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li> <li><a href="https://github.com/actions/checkout/commit/631c7dc4f80f88219c5ee78fee08c6b62fac8da1"><code>631c7dc</code></a> Update package dependencies (<a href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li> <li><a href="https://github.com/actions/checkout/commit/8edcb1bdb4e267140fa742c62e395cd74f332709"><code>8edcb1b</code></a> Update CODEOWNERS for actions (<a href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li> <li><a href="https://github.com/actions/checkout/commit/09d2acae674a48949e3602304ab46fd20ae0c42f"><code>09d2aca</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li> <li><a href="https://github.com/actions/checkout/commit/85e6279cec87321a52edac9c87bce653a07cf6c2"><code>85e6279</code></a> Adjust positioning of user email note and permissions heading (<a href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li> <li><a href="https://github.com/actions/checkout/commit/009b9ae9e446ad8d9b8c809870b0fbcc5e03573e"><code>009b9ae</code></a> Documentation update - add recommended permissions to Readme (<a href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li> <li><a href="https://github.com/actions/checkout/commit/cbb722410c2e876e24abbe8de2cc27693e501dcb"><code>cbb7224</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li> <li><a href="https://github.com/actions/checkout/commit/3b9b8c884f6b4bb4d5be2779c26374abadae0871"><code>3b9b8c8</code></a> docs: update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08eba0b27e820071cde6df949e0beb9ba4906955">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.2.3 to 4.2.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.2.4</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li> <li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move <code>@protobuf-ts/plugin</code> to dev depdencies by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1634">actions/cache#1634</a></li> <li>Prepare release <code>4.2.4</code> by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1636">actions/cache#1636</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4...v4.2.4">https://github.com/actions/cache/compare/v4...v4.2.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <ul> <li>Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - <a href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li> <li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li> </ul> <h3>4.1.1</h3> <ul> <li>Restore original behavior of <code>cache-hit</code> output - <a href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li> </ul> <h3>4.1.0</h3> <ul> <li>Ensure <code>cache-hit</code> output is set when a cache is missed - <a href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li> <li>Deprecate <code>save-always</code> input - <a href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li> </ul> <h3>4.0.2</h3> <ul> <li>Fixed restore <code>fail-on-cache-miss</code> not working.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/0400d5f644dc74513175e3cd8d07132dd4860809"><code>0400d5f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1636">#1636</a> from actions/Link-/release-4.2.4</li> <li><a href="https://github.com/actions/cache/commit/374a27f26986edd8c430f386d152a856e179c0ae"><code>374a27f</code></a> Prepare release 4.2.4</li> <li><a href="https://github.com/actions/cache/commit/358a7306cd9d78ceffc19271e69cd8528462fccf"><code>358a730</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1634">#1634</a> from actions/Link-/optimise-deps</li> <li><a href="https://github.com/actions/cache/commit/2ee706ef74683b68fd97d45e549070fc28642768"><code>2ee706e</code></a> Fix with another approach</li> <li><a href="https://github.com/actions/cache/commit/94f7b5d9135a3af2d928e87120da293c9a920f90"><code>94f7b5d</code></a> Fix bundle exec</li> <li><a href="https://github.com/actions/cache/commit/c36116c3f4852e9868973e98be949d101f296afa"><code>c36116c</code></a> Fix the workflow to use licensed from source</li> <li><a href="https://github.com/actions/cache/commit/320fe7d56bfd8d9e7b7694dce399643f5b61d580"><code>320fe7d</code></a> Update the licensed workflow to use the latest version</li> <li><a href="https://github.com/actions/cache/commit/d81cc477d92d48462edee5b1e53b15613993e818"><code>d81cc47</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/de243982c557f21f36de55f0c01cd6a8e7a6aa71"><code>de24398</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/e7b6a9cc9d34d03fd2bf2834b35a8b9e82faa8e5"><code>e7b6a9c</code></a> <code>@protobuf-ts/plugin</code> to dev dependencies</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/5a3ec84eff668545956fd18022155c47e93e2684...0400d5f644dc74513175e3cd8d07132dd4860809">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.34.0 to 1.35.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.35.3</h2> <h2>[1.35.3] - 2025-08-08</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>ratatui</code> in Rust files</li> </ul> <h2>v1.35.2</h2> <h2>[1.35.2] - 2025-08-07</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>unmarshaling</code></li> </ul> <h2>v1.35.1</h2> <h2>[1.35.1] - 2025-08-04</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>apostroph</code></li> <li>Fix typo in correction to <code>cordinate</code></li> <li>Fix typo in correction to <code>reproduceability</code></li> <li>Fix typo in correction to <code>revolutionss</code></li> <li>Fix typo in correction to <code>transivity</code></li> </ul> <h2>v1.35.0</h2> <h2>[1.35.0] - 2025-08-04</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1331">July 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.35.3] - 2025-08-08</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>ratatui</code> in Rust files</li> </ul> <h2>[1.35.2] - 2025-08-07</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>unmarshaling</code></li> </ul> <h2>[1.35.1] - 2025-08-04</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>apostroph</code></li> <li>Fix typo in correction to <code>cordinate</code></li> <li>Fix typo in correction to <code>reproduceability</code></li> <li>Fix typo in correction to <code>revolutionss</code></li> <li>Fix typo in correction to <code>transivity</code></li> </ul> <h2>[1.35.0] - 2025-08-04</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1331">July 2025</a> changes</li> </ul> <h2>[1.34.0] - 2025-06-30</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1309">June 2025</a> changes</li> </ul> <h2>[1.33.1] - 2025-06-02</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Don't correct <code>wasn't</code> to <code>wasm't</code></li> </ul> <h2>[1.33.0] - 2025-06-02</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/52bd719c2c91f9d676e2aa359fc8e0db8925e6d8"><code>52bd719</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c6f77dda9e9bf82551f03a500347eb06ce8a90b1"><code>c6f77dd</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/e35d08c453d5ac2a4630b633dbb63e819b129193"><code>e35d08c</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1353">#1353</a> from Rolv-Apneseth/ratatui</li> <li><a href="https://github.com/crate-ci/typos/commit/9d6691bc8cf087436d192d03414b9c2420570343"><code>9d6691b</code></a> fix: Ignore <code>ratatui</code> in Rust files</li> <li><a href="https://github.com/crate-ci/typos/commit/f1231bc2bcc92b2b18da70a877cf89afce08dd42"><code>f1231bc</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/66def6387b9bb7954423333521eed23e75651f6e"><code>66def63</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/623f09b5bc658227e7e051fc494f3af24030d1cf"><code>623f09b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/1080316783320230c1f65e1c374e44dfc13829c6"><code>1080316</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/442605b52920ac6faab2e457d3bafc0a6d05a5d1"><code>442605b</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1352">#1352</a> from epage/marshaling</li> <li><a href="https://github.com/crate-ci/typos/commit/983f866bac2164c77fc4ad8a06cdb0738c38ddba"><code>983f866</code></a> fix(dict): Don't correct marshaling</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/392b78fe18a52790c53f42456e46124f77346842...52bd719c2c91f9d676e2aa359fc8e0db8925e6d8">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.4.0 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <ul> <li>Support dual-stack endpoints for AWS ECR by <a href="https://github.com/Spacefish"><code>@Spacefish</code></a> <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a> <a href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in <a href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/184bdaa0721073962dff0199f1fb9940f07167d1"><code>184bdaa</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/878">#878</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/5c6bc94683baa064818f51e7417087c2ac58b32c"><code>5c6bc94</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/caf405864315c6006c5581b540e5047cf728b4e7"><code>caf4058</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/ef38ec311a7df3f01475313e7c5bb584b74b112a"><code>ef38ec3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/860">#860</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/d52e8ef81c0de894e9c95bed8de0ee5955ec7eb7"><code>d52e8ef</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/9644ab7025be3206ff4b12f1531a1b6919022b00"><code>9644ab7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/7abd1d512621d8896b31f4ea992d207f15915ad6"><code>7abd1d5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/875">#875</a> from docker/dependabot/npm_and_yarn/form-data-2.5.5</li> <li><a href="https://github.com/docker/login-action/commit/1a81202c4fda440f3b33eca3381d5d39c7efe85e"><code>1a81202</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/876">#876</a> from crazy-max/aws-public-dual-stack</li> <li><a href="https://github.com/docker/login-action/commit/d1ab30dc54161cbfd704562857677edf4dd7837a"><code>d1ab30d</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/f25ff28d1c8cd9a7c35896711238fed682755e1c"><code>f25ff28</code></a> support dual-stack for aws public ecr</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/74a5d142397b4f367a81961eba4e8cd7edddf772...184bdaa0721073962dff0199f1fb9940f07167d1">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.1.5 to 2.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v2.2.0</h2> <h2>What's Changed</h2> <ul> <li>Introduce an option to skip the tool cache by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/718">google-github-actions/setup-gcloud#718</a></li> <li>Release: v2.2.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/719">google-github-actions/setup-gcloud#719</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.5...v2.2.0">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.5...v2.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/cb1e50a9932213ecece00a606661ae9ca44f3397"><code>cb1e50a</code></a> Release: v2.2.0 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/719">#719</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/ef52f8c087fe78d43262625448b746144fe6448c"><code>ef52f8c</code></a> Introduce an option to skip the tool cache (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/718">#718</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9...cb1e50a9932213ecece00a606661ae9ca44f3397">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/407">actions/download-artifact#407</a></li> <li>BREAKING fix: inconsistent path behavior for single artifact downloads by ID by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/416">actions/download-artifact#416</a></li> </ul> <h2>v5.0.0</h2> <h3>🚨 Breaking Change</h3> <p>This release fixes an inconsistency in path behavior for single artifact downloads by ID. <strong>If you're downloading single artifacts by ID, the output path may change.</strong></p> <h4>What Changed</h4> <p>Previously, <strong>single artifact downloads</strong> behaved differently depending on how you specified the artifact:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (direct)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/my-artifact/</code> (nested)</li> </ul> <p>Now both methods are consistent:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (unchanged)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/</code> (fixed - now direct)</li> </ul> <h4>Migration Guide</h4> <h5>✅ No Action Needed If:</h5> <ul> <li>You download artifacts by <strong>name</strong></li> <li>You download <strong>multiple</strong> artifacts by ID</li> <li>You already use <code>merge-multiple: true</code> as a workaround</li> </ul> <h5>⚠️ Action Required If:</h5> <p>You download <strong>single artifacts by ID</strong> and your workflows expect the nested directory structure.</p> <p><strong>Before v5 (nested structure):</strong></p> <pre lang="yaml"><code>- uses: actions/download-artifact@v4 with: artifact-ids: 12345 path: dist # Files were in: dist/my-artifact/ </code></pre> <blockquote> <p>Where <code>my-artifact</code> is the name of the artifact you previously uploaded</p> </blockquote> <p><strong>To maintain old behavior (if needed):</strong></p> <pre lang="yaml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/634f93cb2916e3fdff6788551b99b062d0335ce0"><code>634f93c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/416">#416</a> from actions/single-artifact-id-download-path</li> <li><a href="https://github.com/actions/download-artifact/commit/b19ff4302770b82aa4694b63703b547756dacce6"><code>b19ff43</code></a> refactor: resolve download path correctly in artifact download tests (mainly ...</li> <li><a href="https://github.com/actions/download-artifact/commit/e262cbee4ab8c473c61c59a81ad8e9dc760e90db"><code>e262cbe</code></a> bundle dist</li> <li><a href="https://github.com/actions/download-artifact/commit/bff23f9308ceb2f06d673043ea6311519be6a87b"><code>bff23f9</code></a> update docs</li> <li><a href="https://github.com/actions/download-artifact/commit/fff8c148a8fdd56aa81fcb019f0b5f6c65700c4d"><code>fff8c14</code></a> fix download path logic when downloading a single artifact by id</li> <li><a href="https://github.com/actions/download-artifact/commit/448e3f862ab3ef47aa50ff917776823c9946035b"><code>448e3f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/407">#407</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/47225c44b359a5155efdbbbc352041b3e249fb1b"><code>47225c4</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from c2ca2493190021783138cb8aac49bcee14b4bb89 to f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6"><code>f963b3f</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017"><code>f956744</code></a> chore(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9009babdfafec9874564eacad3fb7006205ba31a"><code>9009bab</code></a> chore(deps): bump yaml from 2.8.0 to 2.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2642">#2642</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2ecafed8a9a7bcf95ff103a3753b27e044af2736"><code>2ecafed</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2643">#2643</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8cdfb7636d150253dee416a80f11c67f5ba7e9be"><code>8cdfb76</code></a> chore(deps): bump tj-actions/eslint-changed-files from 25.3.1 to 25.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2638">#2638</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/087c158d0f1269d7ac8571378b39f3130f96a736"><code>087c158</code></a> chore(deps-dev): bump ts-jest from 29.4.0 to 29.4.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2639">#2639</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/c2ca2493190021783138cb8aac49bcee14b4bb89...f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.7 to 3.29.8 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.21 - 28 July 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/76621b61decf072c1cee8dd1ce2d2a82d33c17ed"><code>76621b6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3019">#3019</a> from github/update-v3.29.8-679a40d33</li> <li><a href="https://github.com/github/codeql-action/commit/29ac3cefbb645d41622f6f9baa1415e06d73cf06"><code>29ac3ce</code></a> Add release notes for 3.29.7</li> <li><a href="https://github.com/github/codeql-action/commit/737cfdebe687c6e720fb99761f23d89751c3b93a"><code>737cfde</code></a> Update changelog for v3.29.8</li> <li><a href="https://github.com/github/codeql-action/commit/679a40d337fedd9b7318253dd72bfe7dc6d1886c"><code>679a40d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3014">#3014</a> from github/henrymercer/rebuild-dispatch</li> <li><a href="https://github.com/github/codeql-action/commit/6fe50b283a3d2e5533299f72d99216cd8815500f"><code>6fe50b2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3015">#3015</a> from github/henrymercer/language-autodetection-worka...</li> <li><a href="https://github.com/github/codeql-action/commit/6bc91d64f66d435200c8ba85c64878c3cbfad33b"><code>6bc91d6</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/6b4fedca4f3428195d7ba1ca7c7404f9ea472911"><code>6b4fedc</code></a> Bump Action patch version</li> <li><a href="https://github.com/github/codeql-action/commit/5794ffcb4ab0e87e4b8a8446ef048488303db295"><code>5794ffc</code></a> Fix auto-detection of extractors that aren't languages</li> <li><a href="https://github.com/github/codeql-action/commit/bd62bf449cd8695f818546752cc8157693e1716c"><code>bd62bf4</code></a> Finish in-progress merges</li> <li><a href="https://github.com/github/codeql-action/commit/2afb4e6f3c84ec0534284f2b47ae8206dcb401bf"><code>2afb4e6</code></a> Avoid specifying branch unnecessarily</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/51f77329afa6477de8c49fc9c7046c15b9a4e79d...76621b61decf072c1cee8dd1ce2d2a82d33c17ed">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-11 16:10:46 +00:00
Jakub Domeracki	5d42b1861e	fix: upload the slim binaries from the build directory to the GCS bucket (#19281 ) Updated the upload script to copy the slim binaries from the ./build directory to the GCS bucket (instead of the ./site/out/bin directory)	2025-08-11 12:54:44 +02:00
Jakub Domeracki	408e19fd98	fix: adjust the condition to actually run this step from release branches (#19187 ) fix: adjust the condition to actually run this step from release branches	2025-08-06 10:06:23 +02:00
dependabot[bot]	5df3bf713c	ci: bump the github-actions group with 6 updates (#19149 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.2` \| `2.13.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.1.2` \| `13.1.3` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.11` \| `2.1.12` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `055970845dd036d7345da7399b7e89f2e10f2b04` \| `c2ca2493190021783138cb8aac49bcee14b4bb89` \| \| [tj-actions/branch-names](https://github.com/tj-actions/branch-names) \| `8.2.1` \| `9.0.2` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.3` \| `3.29.5` \| Updates `step-security/harden-runner` from 2.12.2 to 2.13.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>Improved job markdown summary</li> <li>Https monitoring for all domains (included with the enterprise tier)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a> from step-security/rc-24</li> <li><a href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a> feat: get job summary from API</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/v2.12.2...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.1.2 to 13.1.3 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/58d9ffb36c90c97a02d061544ecc849cc4a242a9"><code>58d9ffb</code></a> v13.1.3</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4d8ebd13658d795114f8051e25c28d66f14886c6...58d9ffb36c90c97a02d061544ecc849cc4a242a9">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.11 to 2.1.12 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.12</h2> <h2>What's Changed</h2> <ul> <li>Add retries for getIDToken by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/502">google-github-actions/auth#502</a></li> <li>Release: v2.1.12 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/503">google-github-actions/auth#503</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12">https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/b7593ed2efd1c1617e1b0254da33b86225adb2a5"><code>b7593ed</code></a> Release: v2.1.12 (<a href="https://redirect.github.com/google-github-actions/auth/issues/503">#503</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/c1ee334b4fb145a02e9d8343bb2e9f0dd06e586b"><code>c1ee334</code></a> Add retries for getIDToken (<a href="https://redirect.github.com/google-github-actions/auth/issues/502">#502</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/140bb5113ffb6b65a7e9b937a81fa96cf5064462...b7593ed2efd1c1617e1b0254da33b86225adb2a5">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 055970845dd036d7345da7399b7e89f2e10f2b04 to c2ca2493190021783138cb8aac49bcee14b4bb89 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89"><code>c2ca249</code></a> test: manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/94d97fe3f88298bf8b2f2db6fa2ab150f3c1ab77"><code>94d97fe</code></a> chore(deps): bump tj-actions/branch-names from 9.0.1 to 9.0.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2636">#2636</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/18b05b98fcd9dc0bd3870d7a6571535999ba0c3f"><code>18b05b9</code></a> chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2635">#2635</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/db8d0bfea5a44e51abd5dc1454386c668ae901f9"><code>db8d0bf</code></a> chore(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2632">#2632</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0e2e8f70c5c6854ee9ff9f94bc2f1b9e7fcead78"><code>0e2e8f7</code></a> chore(deps): bump tj-actions/branch-names from 8.2.1 to 9.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2633">#2633</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5f2e971c1fcf53fda99e27a542f5e79cff0e7059"><code>5f2e971</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.0.15 to 24.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2626">#2626</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/498cf3f89140b3c7b8353c5ae1354765717026ad"><code>498cf3f</code></a> chore(deps-dev): bump jest from 30.0.4 to 30.0.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2627">#2627</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8378ac87b7b199cd230495c133c4f6b19215e757"><code>8378ac8</code></a> chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2628">#2628</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4bfe3cb5bd6f0db4dc8668c4d6bef45ccf2b8ab5"><code>4bfe3cb</code></a> chore(deps): bump nrwl/nx-set-shas from 4.3.0 to 4.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2630">#2630</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a0370f61698fcac830a08949da9fdf96ea0f3ab7"><code>a0370f6</code></a> chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2625">#2625</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/055970845dd036d7345da7399b7e89f2e10f2b04...c2ca2493190021783138cb8aac49bcee14b4bb89">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/branch-names` from 8.2.1 to 9.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's releases</a>.</em></p> <blockquote> <h2>v9.0.2</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v9.0.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p> <h2>v9.0.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li> <li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p> <h2>v9.0.0</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.2.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li> <li>chore: update action.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li> <li>security: fix unsafe outputs by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/420">tj-actions/branch-names#420</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8...v9.0.0">https://github.com/tj-actions/branch-names/compare/v8...v9.0.0</a></p> <h2>v9</h2> <h1>Changes in v9.0.2</h1> <h2>What's Changed</h2> <ul> <li>Upgraded to v9.0.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/424">tj-actions/branch-names#424</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9...v9.0.2">https://github.com/tj-actions/branch-names/compare/v9...v9.0.2</a></p> <hr /> <h1>Changes in v9.0.1</h1> <h2>What's Changed</h2> <ul> <li>build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/422">tj-actions/branch-names#422</a></li> <li>build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/421">tj-actions/branch-names#421</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1</a></p> <hr /> <h1>Changes in v9.0.0</h1> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.2.1 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/417">tj-actions/branch-names#417</a></li> <li>chore: update action.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/418">tj-actions/branch-names#418</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/branch-names/pull/419">tj-actions/branch-names#419</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/branch-names/compare/v9.0.1...v9.0.2">9.0.2</a> - (2025-07-31)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Update update-readme.yml (<a href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5">5250492</a>) - (Tonye Jack)</li> <li>Update update-readme.yml (<a href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7">a2bc495</a>) - (Tonye Jack)</li> <li>Update README.md (<a href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06">169ddc1</a>) - (Tonye Jack)</li> <li>Update README.md (<a href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6">4d35052</a>) - (Tonye Jack)</li> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23">6be34a8</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v9.0.0 -> v9.0.1 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f">c0714e7</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v9.0.0...v9.0.1">9.0.1</a> - (2025-07-26)</h1> <h2><!-- raw HTML omitted -->👷 CI/CD</h2> <ul> <li><strong>deps:</strong> Bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>) (<a href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234">386e117</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>) (<a href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14">2114174</a>) - (dependabot[bot])</li> </ul> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.2.1...v9.0.0">9.0.0</a> - (2025-07-25)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6">f904073</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update action.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/418">#418</a>) (<a href="https://github.com/tj-actions/branch-names/commit/c81796132291bcac45a405bba3ff42c5c0c2a3e2">c817961</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🛡️ Security</h2> <ul> <li>Fix unsafe outputs (<a href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>) (<a href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f">e497ceb</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v8.2.0 -> v8.2.1 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/417">#417</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/branch-names/commit/46ae71df6d27dd78ff96d2aaf0a59411f9c19e4e">46ae71d</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a> - (2025-04-11)</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/branch-names/commit/5250492686b253f06fa55861556d1027b067aeb5"><code>5250492</code></a> Update update-readme.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/a2bc4958de72a5590a03c317bcb11581ae7866e7"><code>a2bc495</code></a> Update update-readme.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/169ddc10b28b8cbc75996ee56c1dbf4448ca6f06"><code>169ddc1</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/branch-names/commit/4d35052be347a49c829b8a8e9855f40f14a00be6"><code>4d35052</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c0714e7ecc0a7baec34a69b87df070fa6a823e7f"><code>c0714e7</code></a> Upgraded from v9.0.0 -> v9.0.1 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/424">#424</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/6be34a848cdd6067dda01ded8bd9b0853bbe3b23"><code>6be34a8</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/423">#423</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/386e117ea34339627a40843704a60a3bc9359234"><code>386e117</code></a> build(deps): bump codacy/codacy-analysis-cli-action from 4.4.5 to 4.4.7 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/421">#421</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/2114174008e541048c2313bfc2c296a484785f14"><code>2114174</code></a> build(deps): bump tj-actions/git-cliff from 1.5.0 to 2.0.2 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/422">#422</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/e497ceb8ccd43fd9573cf2e375216625bc411d1f"><code>e497ceb</code></a> security: fix unsafe outputs (<a href="https://redirect.github.com/tj-actions/branch-names/issues/420">#420</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/f904073f20285d3ff38d2dedb647c7e81ab9ccc6"><code>f904073</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/419">#419</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/branch-names/compare/dde14ac574a8b9b1cedc59a1cf312788af43d8d8...5250492686b253f06fa55861556d1027b067aeb5">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.3 to 3.29.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.29.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.21 - 28 July 2025</h2> <p>No user facing changes.</p> <h2>3.28.20 - 21 July 2025</h2> <ul> <li>Remove support for combining SARIF files from a single upload for GHES 3.18, see <a href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/51f77329afa6477de8c49fc9c7046c15b9a4e79d"><code>51f7732</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2997">#2997</a> from github/update-v3.29.5-80a09d7b0</li> <li><a href="https://github.com/github/codeql-action/commit/8e90243ddbe0de3f12f4fa361675387b7f94c48d"><code>8e90243</code></a> Update changelog for v3.29.5</li> <li><a href="https://github.com/github/codeql-action/commit/80a09d7b0b5468297f127c81b43cb7335eed0f30"><code>80a09d7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2996">#2996</a> from github/dependabot/npm_and_yarn/npm-240ab9fad0</li> <li><a href="https://github.com/github/codeql-action/commit/8388115dc8d6af25bf915cc8455a7d6a77253970"><code>8388115</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2994">#2994</a> from github/mergeback/changelog/v3.28.21</li> <li><a href="https://github.com/github/codeql-action/commit/401ecaf503b1a19fc0fbd253cc5afe7759870068"><code>401ecaf</code></a> Merge branch 'main' into mergeback/changelog/v3.28.21</li> <li><a href="https://github.com/github/codeql-action/commit/ab5c0c5fa56442a68c2d51b194ccc93faaaaa639"><code>ab5c0c5</code></a> Merge branch 'main' into dependabot/npm_and_yarn/npm-240ab9fad0</li> <li><a href="https://github.com/github/codeql-action/commit/cd264d4dcdc5ee89d8590821e29c66a1bdcaa968"><code>cd264d4</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2986">#2986</a> from github/update-bundle/codeql-bundle-v2.22.2</li> <li><a href="https://github.com/github/codeql-action/commit/4599055b1e273f63344615ade2c46c852c6d5c63"><code>4599055</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.22.2</li> <li><a href="https://github.com/github/codeql-action/commit/fd7ad511e6bd5985ebbc84944e0e173d39a968b8"><code>fd7ad51</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2971">#2971</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/ac0c9bfe1e34d6a76860325c1b4abe8208ce98a6"><code>ac0c9bf</code></a> Merge branch 'main' into update-supported-enterprise-server-versions</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/d6bbdef45e766d081b84a2def353b0055f728d3e...51f77329afa6477de8c49fc9c7046c15b9a4e79d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-04 14:57:47 +00:00
Ethan	b95cf47f99	ci: set valid xcode version in release script (#19143 ) 16.0.0 was yanked from the macOS runners, so this will likely need cherry picking into the upcoming release branch. We've already checked everything builds fine on #19125. In a few releases we'll stop building the dylib and also therefore remove xcode as a dependency on coder/coder altogether.	2025-08-04 15:01:24 +10:00
dependabot[bot]	6b141d76de	ci: bump the github-actions group with 6 updates (#18938 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.2` \| `2.13.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.10` \| `2.1.11` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.1.4` \| `2.1.5` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.3` \| `2.3.4` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.2` \| `3.29.3` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.6` \| `1.3.7` \| Updates `step-security/harden-runner` from 2.12.2 to 2.13.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>Improved job markdown summary</li> <li>Https monitoring for all domains (included with the enterprise tier)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a> from step-security/rc-24</li> <li><a href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a> feat: get job summary from API</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.10 to 2.1.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.11</h2> <h2>What's Changed</h2> <ul> <li>Update troubleshooting docs for Python by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/488">google-github-actions/auth#488</a></li> <li>Add linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/499">google-github-actions/auth#499</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/500">google-github-actions/auth#500</a></li> <li>Release: v2.1.11 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/501">google-github-actions/auth#501</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11">https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/140bb5113ffb6b65a7e9b937a81fa96cf5064462"><code>140bb51</code></a> Release: v2.1.11 (<a href="https://redirect.github.com/google-github-actions/auth/issues/501">#501</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/ab3132e2ad698521ee1355566103fa838732e48c"><code>ab3132e</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/500">#500</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/25b96bac992fdf64486c6fd3fd3d9c4cddb3a812"><code>25b96ba</code></a> Add linters (<a href="https://redirect.github.com/google-github-actions/auth/issues/499">#499</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/0920706a19e9d22c3d0da43d1db5939c6ad837a8"><code>0920706</code></a> Update troubleshooting docs for Python (<a href="https://redirect.github.com/google-github-actions/auth/issues/488">#488</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/ba79af03959ebeac9769e648f473a284504d9193...140bb5113ffb6b65a7e9b937a81fa96cf5064462">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.1.4 to 2.1.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v2.1.5</h2> <h2>What's Changed</h2> <ul> <li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/711">google-github-actions/setup-gcloud#711</a></li> <li>Update linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/715">google-github-actions/setup-gcloud#715</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/716">google-github-actions/setup-gcloud#716</a></li> <li>Release: v2.1.5 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/717">google-github-actions/setup-gcloud#717</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"><code>6a7c903</code></a> Release: v2.1.5 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/717">#717</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/e838bc6edfe3907980c74d5aad506fd6e173b0d6"><code>e838bc6</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/716">#716</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/98d8f78fcc2354c736499a506ad9e7be3f4c2640"><code>98d8f78</code></a> Update linters (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/715">#715</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/a8b58010a5b2a061afd605f50e88629c9ec7536b"><code>a8b5801</code></a> security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/711">#711</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/77e7a554d41e2ee56fc945c52dfd3f33d12def9a...6a7c903a70c8625ed6700fa299f5ddb4ca6022e9">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.3 to 2.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v2.3.4</h2> <h2>What's Changed</h2> <ul> <li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/333">google-github-actions/get-gke-credentials#333</a></li> <li>Update linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/334">google-github-actions/get-gke-credentials#334</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/335">google-github-actions/get-gke-credentials#335</a></li> <li>Release: v2.3.4 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/336">google-github-actions/get-gke-credentials#336</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/8e574c49425fa7efed1e74650a449bfa6a23308a"><code>8e574c4</code></a> Release: v2.3.4 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/336">#336</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/820551c1d9b3734a98590d5020e3a479a3600019"><code>820551c</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/335">#335</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/503071673e50fd4fe5973d69174dc780288d61e9"><code>5030716</code></a> Update linters (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/334">#334</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/36f99de330d5a168c801b87721b96719a0a9ada0"><code>36f99de</code></a> security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/333">#333</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/d0cee45012069b163a631894b98904a9e6723729...8e574c49425fa7efed1e74650a449bfa6a23308a">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.2 to 3.29.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.20 - 21 July 2025</h2> <ul> <li>Remove support for combining SARIF files from a single upload for GHES 3.18, see <a href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/d6bbdef45e766d081b84a2def353b0055f728d3e"><code>d6bbdef</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2977">#2977</a> from github/update-v3.29.3-7710ed11e</li> <li><a href="https://github.com/github/codeql-action/commit/210cc9bfa2103f4b7c4701ee383183b944c62578"><code>210cc9b</code></a> Update changelog for v3.29.3</li> <li><a href="https://github.com/github/codeql-action/commit/7710ed11e398ea99c7f7004c2b2e0f580458db42"><code>7710ed1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2970">#2970</a> from github/cklin/diff-informed-feature-enable</li> <li><a href="https://github.com/github/codeql-action/commit/6a49a8cbce6ecbd74ea251a48dbc84e64ce3be4d"><code>6a49a8c</code></a> build: refresh js files</li> <li><a href="https://github.com/github/codeql-action/commit/3aef4108d1730e17b6fd24f8b9c49d8fcc87d46d"><code>3aef410</code></a> Add diff-informed-analysis-utils.test.ts</li> <li><a href="https://github.com/github/codeql-action/commit/614b64c6ec97a4ad54f7c99c5becbf593144dbfb"><code>614b64c</code></a> Diff-informed analysis: disable for GHES below 3.19</li> <li><a href="https://github.com/github/codeql-action/commit/aefb854fe5563f4650638224c839c6e9b33c25b5"><code>aefb854</code></a> Feature.DiffInformedQueries: default to true</li> <li><a href="https://github.com/github/codeql-action/commit/03a2a17e75d20e4ff461b43f161fb2b52165f632"><code>03a2a17</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2967">#2967</a> from github/cklin/overlay-feature-flags</li> <li><a href="https://github.com/github/codeql-action/commit/07455ed3c36f739ad76d1c4e55f8b49550f74344"><code>07455ed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2972">#2972</a> from github/koesie10/ghes-satisfies</li> <li><a href="https://github.com/github/codeql-action/commit/3fb562ddcce3ca92b83ea1bb7abaa579a1ab882d"><code>3fb562d</code></a> build: refresh js files</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...d6bbdef45e766d081b84a2def353b0055f728d3e">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.6 to 1.3.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.7</h2> <p>v1.3.7: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a> - Update linkspector version to 0.4.7</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/874d01cae9fd488e3077b08952093235bd626977"><code>874d01c</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/bfc5bc55f5a8fc268165639b78b3ce6ae64915ad"><code>bfc5bc5</code></a> Update linkspector version to 0.4.7</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/3a951c1f0dca72300c2320d0eb39c2bafe429ab1...874d01cae9fd488e3077b08952093235bd626977">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-21 13:21:37 +00:00
Jakub Domeracki	e4d3453e2b	feat: publish CLI binaries and detached signatures to releases.coder.com (#18874 ) Starting with version `2.24.X `, Coder CLI binaries & corresponding detached signatures will get published to the GCS bucket releases.coder.com.	2025-07-15 13:15:58 +02:00
Jakub Domeracki	dc0919da33	feat: sign coder binaries with the release key using GPG (#18774 ) ### Description This PR introduces GPG signing for all Coder slim-binaries. Detached signatures will allow users to verify the integrity and authenticity of the binaries they download. ### Changes * `scripts/sign_with_gpg.sh`: New script to sign a given binary using GPG. It imports the release key, signs the binary, and verifies the signature. * `scripts/build_go.sh`: Updated to call `sign_with_gpg.sh` when the `CODER_SIGN_GPG` environment variable is set to 1. * `.github/workflows/release.yaml`: The` CODER_SIGN_GPG` environment variable is now set to 1 during the release build, enabling GPG signing for all release binaries. * `.github/workflows/ci.yaml`: The `CODER_SIGN_GPG` environment variable is now set to 1 during the CI build, enabling GPG signing for all CI binaries. * `Makefile`: Detached signatures are moved to the `/site/out/bin/ `directory	2025-07-09 11:53:27 +02:00
Allen Conlon	10c1e36fff	feat: add publishing of helm charts to ghcr registry (#18316 )	2025-07-08 22:19:12 +05:00
dependabot[bot]	851cda55d6	ci: bump the github-actions group with 3 updates (#18665 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [fluxcd/flux2](https://github.com/fluxcd/flux2) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.12.1 to 2.12.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.2</h2> <h2>What's Changed</h2> <p>Added HTTPS Monitoring for additional destinations - *.githubusercontent.com Bug fixes:</p> <ul> <li>Implicitly allow local multicast, local unicast and broadcast IP addresses in block mode</li> <li>Increased policy map size for block mode</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a> from step-security/rc-22</li> <li><a href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.6.2 to 2.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.6.3</h2> <h2>Highlights</h2> <p>Flux v2.6.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.</p> <p>Fixes:</p> <ul> <li>Fix for <code>rsa-sha2-512</code> and <code>rsa-sha2-256</code> algorithms not being prioritized for <code>ssh-rsa</code> host keys in source-controller, image-automation-controller and Flux CLI bootstrap.</li> </ul> <h2>Components changelog</h2> <ul> <li>source-controller <a href="https://github.com/fluxcd/source-controller/blob/v1.6.2/CHANGELOG.md">v1.6.2</a></li> <li>image-automation-controller <a href="https://github.com/fluxcd/image-automation-controller/blob/v0.41.2/CHANGELOG.md">v0.41.2</a></li> </ul> <h2>CLI changed</h2> <ul> <li>[release/v2.6.x] Update toolkit components by <a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <a href="https://redirect.github.com/fluxcd/flux2/pull/5427">fluxcd/flux2#5427</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3">https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/bda4c8187e436462be0d072e728b67afa215c593"><code>bda4c81</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5427">#5427</a> from fluxcd/backport-5426-to-release/v2.6.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/3f281da7381e3984913244d78b9768e4fa5fbb65"><code>3f281da</code></a> Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys</li> <li><a href="https://github.com/fluxcd/flux2/commit/963e99188cb0a77dfbe70a3db7a34c0f6e159dd3"><code>963e991</code></a> Update toolkit components</li> <li>See full diff in <a href="https://github.com/fluxcd/flux2/compare/a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a...bda4c8187e436462be0d072e728b67afa215c593">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.0 to 3.29.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.1</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.1/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2376</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/39edc492dbe16b1465b0cafca41432d857bdb31a"><code>39edc49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2953">#2953</a> from github/update-v3.29.1-428aea55f</li> <li><a href="https://github.com/github/codeql-action/commit/27c4fb1eef772029c0bbeed96d8538a2af79e541"><code>27c4fb1</code></a> Update changelog for v3.29.1</li> <li><a href="https://github.com/github/codeql-action/commit/428aea55f52aac0db14530fe4e5c97462c533f7d"><code>428aea5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2952">#2952</a> from github/redsun82/fix-swift-test</li> <li><a href="https://github.com/github/codeql-action/commit/973250f3d233f50890a597fef853ae3b2a538a31"><code>973250f</code></a> Swift: recreate a default Swift package to fix test</li> <li><a href="https://github.com/github/codeql-action/commit/8ef17824cfb2a3f40cbc7f41bac7e055e53b8164"><code>8ef1782</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2950">#2950</a> from github/update-bundle/codeql-bundle-v2.22.1</li> <li><a href="https://github.com/github/codeql-action/commit/f3bfb9860305f6e80e048f4785d6bee33bf77356"><code>f3bfb98</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/2b4afc20b636de8884609ee2a501a68a67766f26"><code>2b4afc2</code></a> Update default bundle to codeql-bundle-v2.22.1</li> <li><a href="https://github.com/github/codeql-action/commit/9b02dc2f60288b463e7a66e39c78829b62780db7"><code>9b02dc2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2928">#2928</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/7ab92d0295a9b09eb653169acdb2c24f7c43614a"><code>7ab92d0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2948">#2948</a> from github/mbg/copilot-instructions</li> <li><a href="https://github.com/github/codeql-action/commit/2cae828745579fc9309404e09440d23bba2f7b79"><code>2cae828</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2947">#2947</a> from github/dependency-proxy/codeql-bundle-v2.22.0</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858...39edc492dbe16b1465b0cafca41432d857bdb31a">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-30 15:37:51 +00:00
dependabot[bot]	183eaa21dc	ci: bump the github-actions group with 5 updates (#18497 ) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-23 13:46:08 +00:00
dependabot[bot]	cba99a13e7	ci: bump the github-actions group with 6 updates (#18386 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.0` \| `2.12.1` \| \| [chromaui/action](https://github.com/chromaui/action) \| `12.1.1` \| `12.2.0` \| \| [actions/attest](https://github.com/actions/attest) \| `2.3.0` \| `2.4.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `115870536a85eaf050e369291c7895748ff12aea` \| `d52d20fa3f981cb852b861fd8f55308b5fe29637` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.19` \| `3.29.0` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.4` \| `1.3.5` \| Updates `step-security/harden-runner` from 2.12.0 to 2.12.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.1</h2> <h2>What's Changed</h2> <ul> <li>Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.</li> <li>Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a> from step-security/rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a> Merge branch 'main' into rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a> Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0</li> <li><a href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a> from h0x0er/feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a> update</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a> Merge branch 'rc-21' into feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a> fixed test case</li> <li><a href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a> self-hosted: refactored block-policy apply logic</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 12.1.1 to 12.2.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/c50adf8eaa8c2878af3263499a73077854de39d4"><code>c50adf8</code></a> v12.2.0</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/8536229ee904071f8edce292596f6dbe0da96b9b...c50adf8eaa8c2878af3263499a73077854de39d4">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.3.0 to 2.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v2.4.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in the npm-production group by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/242">actions/attest#242</a></li> <li>Bump undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/246">actions/attest#246</a></li> <li>Add path to created attestation in a well-known summary file by <a href="https://github.com/kommendorkapten"><code>@kommendorkapten</code></a> in <a href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kommendorkapten"><code>@kommendorkapten</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2...v2.4.0">https://github.com/actions/attest/compare/v2...v2.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc"><code>ce27ba3</code></a> bump package version to 2.4.0 (<a href="https://redirect.github.com/actions/attest/issues/253">#253</a>)</li> <li><a href="https://github.com/actions/attest/commit/6a89e1286443a80c6d1e0cebb7b24d8299c16774"><code>6a89e12</code></a> Add path to created attestation in a well-known summary file (<a href="https://redirect.github.com/actions/attest/issues/252">#252</a>)</li> <li><a href="https://github.com/actions/attest/commit/cbc14bbf255d1e79ad201d4308009aabd79cafdc"><code>cbc14bb</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/250">#250</a>)</li> <li><a href="https://github.com/actions/attest/commit/b87aa13652d8ee3c0c86d3582b965c842f7f388f"><code>b87aa13</code></a> Bump the npm-development group across 1 directory with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/249">#249</a>)</li> <li><a href="https://github.com/actions/attest/commit/5ae9aa28e10f70b771c67101892b7ffc141ef958"><code>5ae9aa2</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/attest/issues/246">#246</a>)</li> <li><a href="https://github.com/actions/attest/commit/4119d34e49ca6230f84a5e799710eae4f2428d02"><code>4119d34</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/245">#245</a>)</li> <li><a href="https://github.com/actions/attest/commit/7e777b150d7bec9c2cfe2c0993b186c15e97e81c"><code>7e777b1</code></a> Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in the npm-production group (<a href="https://redirect.github.com/actions/attest/issues/242">#242</a>)</li> <li><a href="https://github.com/actions/attest/commit/4d8a13a13f8c2075b78844846f6d7e38b6a920bf"><code>4d8a13a</code></a> Bump super-linter/super-linter in the actions-minor group (<a href="https://redirect.github.com/actions/attest/issues/244">#244</a>)</li> <li><a href="https://github.com/actions/attest/commit/647f15244eb261577c4910e1356026e9c1d9cda9"><code>647f152</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/240">#240</a>)</li> <li><a href="https://github.com/actions/attest/commit/20551343079b1bce85b235f46add92bbbddb8a7a"><code>2055134</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/239">#239</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/afd638254319277bb3d7f0a234478733e2e46a73...ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 115870536a85eaf050e369291c7895748ff12aea to d52d20fa3f981cb852b861fd8f55308b5fe29637 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/d52d20fa3f981cb852b861fd8f55308b5fe29637"><code>d52d20f</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.15.26 to 24.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2587">#2587</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/f1c0eb959957d4094cf86adeb8bb4852f373e197"><code>f1c0eb9</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2578">#2578</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/944a0f723952a370222de3178b25805235c65933"><code>944a0f7</code></a> chore(deps-dev): bump eslint-plugin-jest from 28.13.0 to 28.13.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2585">#2585</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0"><code>3dbc1e1</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/7a7221b7baecf19ec83f6a411a2670a43174c883"><code>7a7221b</code></a> chore(deps): bump github/codeql-action from 3.28.18 to 3.29.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2588">#2588</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef"><code>c260d49</code></a> feat: add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f"><code>b1ccff8</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0"><code>a892f50</code></a> docs: update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5ca5422070674a4bb487ecebf3c33251f3723c9b"><code>5ca5422</code></a> chore(deps-dev): bump ts-jest from 29.3.4 to 29.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2589">#2589</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4140eb99d2cced9bfd78375c2088371853262f79"><code>4140eb9</code></a> chore(deps-dev): bump eslint-plugin-jest from 28.12.0 to 28.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2583">#2583</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/115870536a85eaf050e369291c7895748ff12aea...d52d20fa3f981cb852b861fd8f55308b5fe29637">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.19 to 3.29.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858"><code>ce28f5b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2926">#2926</a> from github/update-v3.29.0-e8799281c</li> <li><a href="https://github.com/github/codeql-action/commit/bc251b7932638a7881a8db15d1aaf0151642af99"><code>bc251b7</code></a> Update changelog for v3.29.0</li> <li><a href="https://github.com/github/codeql-action/commit/e8799281c8dee3b2e1aaed2c059e530fcfdc2d6d"><code>e879928</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2925">#2925</a> from github/update-bundle/codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/efd43b3097c094d883d91934155f0a32af09dff7"><code>efd43b3</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/7cb9b16051842e6c23c8b9fbcf92481f92d0644a"><code>7cb9b16</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2912">#2912</a> from github/henrymercer/bump-minimum-codeql-2.16.6</li> <li><a href="https://github.com/github/codeql-action/commit/3855117ba18b27e082b12e3e92e00d1b52aaa605"><code>3855117</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/f5d4e2a7ca2a5826357748bb8743390a4775946f"><code>f5d4e2a</code></a> Update default bundle to codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/22deae890c55a1dc3ffba1aa20ad4148284e72d1"><code>22deae8</code></a> Update package-lock.json</li> <li><a href="https://github.com/github/codeql-action/commit/df2a830ca4348a013f4804b56f41795f408f1e4e"><code>df2a830</code></a> Merge branch 'main' into henrymercer/bump-minimum-codeql-2.16.6</li> <li><a href="https://github.com/github/codeql-action/commit/b1e4dc3db58c9601794e22a9f6d28d45461b9dbf"><code>b1e4dc3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2916">#2916</a> from github/dependabot/npm_and_yarn/npm-5cdccdc43f</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.4 to 1.3.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.5</h2> <p>v1.3.5: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a> - Update linkspector version to 0.4.5</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/e2ccef58c4b9eb89cd71ee23a8629744bba75aa6"><code>e2ccef5</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/6cc23b20f1b7de3860f639255ccebc2b6428c62e"><code>6cc23b2</code></a> Update linkspector version to 0.4.5</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/a0567ce1c7c13de4a2358587492ed43cab5d0102...e2ccef58c4b9eb89cd71ee23a8629744bba75aa6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-16 12:39:39 +00:00
M Atif Ali	fb0e3d64db	chore: remove update release calendar job (#17884 )	2025-05-16 20:06:00 +05:00

1 2 3 4

184 Commits