coder

mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00

Author	SHA1	Message	Date
Thomas Kosiewski	fe257666d7	ci: refactor CI to use mise for shared tool setup (#25727 )	2026-06-01 15:55:19 +02:00
dependabot[bot]	edd5d83280	ci: bump the github-actions group with 12 updates (#24558 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lukasz <CommanderK5@users.noreply.github.com> Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>	2026-04-23 10:31:55 +05:00
dependabot[bot]	6c47e9ea23	ci: bump the github-actions group with 3 updates (#24085 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.16.0 to 2.16.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.16.1</h2> <h2>What's Changed</h2> <p>Enterprise tier: Added support for direct IP addresses in the allow list Community tier: Migrated Harden Runner telemetry to a new endpoint</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1">https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d"><code>fe10465</code></a> v2.16.1 (<a href="https://redirect.github.com/step-security/harden-runner/issues/654">#654</a>)</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594...fe104658747b27e96e4f7e80cd0a94068e53901d">compare view</a></li> </ul> </details> <br /> Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <p>The breaking change is requiring Node.js version v24 as the Actions runtime.</p> <h2>What's Changed</h2> <ul> <li>feat: Parse versions from metadata links by <a href="https://github.com/ppkarwasz"><code>@ppkarwasz</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/632">dependabot/fetch-metadata#632</a></li> <li>Upgrade actions core and actions github packages by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/649">dependabot/fetch-metadata#649</a></li> <li>docs: Add notes for using <code>alert-lookup</code> with App Token by <a href="https://github.com/sue445"><code>@sue445</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/656">dependabot/fetch-metadata#656</a></li> <li>feat!: update Node.js version to v24 by <a href="https://github.com/sturman"><code>@sturman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/671">dependabot/fetch-metadata#671</a></li> <li>Switch build tooling from ncc to esbuild by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/676">dependabot/fetch-metadata#676</a></li> <li>Add --legal-comments=none to esbuild build commands by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/679">dependabot/fetch-metadata#679</a></li> <li>Bump tsconfig target from es2022 to es2024 by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/680">dependabot/fetch-metadata#680</a></li> <li>Remove vestigial outDir from tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/681">dependabot/fetch-metadata#681</a></li> <li>Switch tsconfig module resolution to bundler by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/682">dependabot/fetch-metadata#682</a></li> <li>Remove skipLibCheck from tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/683">dependabot/fetch-metadata#683</a></li> <li>Add typecheck step to CI by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/685">dependabot/fetch-metadata#685</a></li> <li>Enable noImplicitAny in tsconfig.json by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/684">dependabot/fetch-metadata#684</a></li> <li>Upgrade <code>@actions/core</code> to ^3.0.0 by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/677">dependabot/fetch-metadata#677</a></li> <li>Upgrade <code>@actions/github</code> to ^9.0.0 and <code>@octokit/request-error</code> to ^7.1.0 by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/678">dependabot/fetch-metadata#678</a></li> <li>Bump qs from 6.14.0 to 6.14.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/651">dependabot/fetch-metadata#651</a></li> <li>Bump hono from 4.11.1 to 4.11.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/652">dependabot/fetch-metadata#652</a></li> <li>Bump hono from 4.11.4 to 4.11.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/653">dependabot/fetch-metadata#653</a></li> <li>Bump hono from 4.11.7 to 4.12.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/657">dependabot/fetch-metadata#657</a></li> <li>Bump qs from 6.14.1 to 6.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/655">dependabot/fetch-metadata#655</a></li> <li>Bump <code>@modelcontextprotocol/sdk</code> from 1.25.1 to 1.26.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/654">dependabot/fetch-metadata#654</a></li> <li>Bump <code>@hono/node-server</code> from 1.19.9 to 1.19.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/665">dependabot/fetch-metadata#665</a></li> <li>Bump hono from 4.12.2 to 4.12.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/664">dependabot/fetch-metadata#664</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/667">dependabot/fetch-metadata#667</a></li> <li>Bump hono from 4.12.5 to 4.12.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/668">dependabot/fetch-metadata#668</a></li> <li>Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/669">dependabot/fetch-metadata#669</a></li> <li>Bump flatted from 3.3.3 to 3.4.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/670">dependabot/fetch-metadata#670</a></li> <li>build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/674">dependabot/fetch-metadata#674</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ppkarwasz"><code>@ppkarwasz</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/632">dependabot/fetch-metadata#632</a></li> <li><a href="https://github.com/truggeri"><code>@truggeri</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/649">dependabot/fetch-metadata#649</a></li> <li><a href="https://github.com/sue445"><code>@sue445</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/656">dependabot/fetch-metadata#656</a></li> <li><a href="https://github.com/sturman"><code>@sturman</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/671">dependabot/fetch-metadata#671</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0">https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dependabot/fetch-metadata/commit/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36"><code>ffa630c</code></a> v3.0.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/686">#686</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/ec8fff2ea0f40ccdbdcd1fea69759029f2990807"><code>ec8fff2</code></a> Merge pull request <a href="https://redirect.github.com/dependabot/fetch-metadata/issues/674">#674</a> from dependabot/dependabot/npm_and_yarn/picomatch-2.3.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/caf48bddf9ab5175bbd568425ea999bab03f1147"><code>caf48bd</code></a> build(deps-dev): bump picomatch from 2.3.1 to 2.3.2</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/13d82742f9de94226254782b8662a39878795272"><code>13d8274</code></a> Upgrade <code>@actions/github</code> to ^9.0.0 and <code>@octokit/request-error</code> to ^7.1.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/678">#678</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/b60309944845001ba168d4947b0c43c4bc94be74"><code>b603099</code></a> Upgrade <code>@actions/core</code> from ^1.11.1 to ^3.0.0 (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/677">#677</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/c5dc5b174070a3760ba36f0638aa6be896c4c7c9"><code>c5dc5b1</code></a> Enable noImplicitAny in tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/684">#684</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/a183f3c7985054f86eba6dd1ad07cde0067cc4f7"><code>a183f3c</code></a> Add typecheck step to CI (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/685">#685</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/5e175645c2bdda348d0b48d730d38c537356a153"><code>5e17564</code></a> Remove skipLibCheck from tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/683">#683</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/bb56eeb32acd8595e47fb3529ce5816589d912fe"><code>bb56eeb</code></a> Switch tsconfig module resolution to bundler (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/682">#682</a>)</li> <li><a href="https://github.com/dependabot/fetch-metadata/commit/3632e3d8b773dac47f843a97c7536d0ce4e73de4"><code>3632e3d</code></a> Remove vestigial outDir from tsconfig.json (<a href="https://redirect.github.com/dependabot/fetch-metadata/issues/681">#681</a>)</li> <li>Additional commits viewable in <a href="https://github.com/dependabot/fetch-metadata/compare/21025c705c08248db411dc16f3619e6b5f9ea21a...ffa630c65fa7e0ecfa0625b5ceda64399aea1b36">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.9 to 4.35.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.1</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>v4.35.0</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>v4.34.1</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>v4.34.0</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>v4.33.0</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>v4.32.6</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li> </ul> <h2>v4.32.5</h2> <ul> <li>Repositories owned by an organization can now set up the <code>github-codeql-disable-overlay</code> custom repository property to disable <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis for CodeQL</a>. First, create a custom repository property with the name <code>github-codeql-disable-overlay</code> and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to <code>true</code> to disable improved incremental analysis. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. This feature is not yet available on GitHub Enterprise Server. <a href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li> <li>Added an experimental change so that when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li> <li>The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. <a href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li> <li>Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. <a href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li> <li>Added an experimental change which lowers the minimum disk space requirement for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li> <li>Added an experimental change which allows the <code>start-proxy</code> action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li> <li>The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. <a href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>, <a href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li> </ul> <h2>v4.32.4</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li> <li>Added an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries are configured</a>. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. <a href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li> <li>When the CodeQL Action is run <a href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with debugging enabled in Default Setup</a> and <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries are configured</a>, the "Setup proxy for registries" step will output additional diagnostic information that can be used for troubleshooting. <a href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li> <li>Added a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li> <li>Added a setting which enables GitHub-managed workflows, such as Default Setup, to use a <a href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly CodeQL CLI release</a> instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. <a href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li> </ul> <h2>v4.32.3</h2> <ul> <li>Added experimental support for testing connections to <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a>. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. <a href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> </ul> <h2>4.35.1 - 27 Mar 2026</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>4.35.0 - 27 Mar 2026</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>4.34.1 - 20 Mar 2026</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>4.34.0 - 20 Mar 2026</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>4.33.0 - 16 Mar 2026</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>4.32.6 - 05 Mar 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li> </ul> <h2>4.32.5 - 02 Mar 2026</h2> <ul> <li>Repositories owned by an organization can now set up the <code>github-codeql-disable-overlay</code> custom repository property to disable <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis for CodeQL</a>. First, create a custom repository property with the name <code>github-codeql-disable-overlay</code> and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to <code>true</code> to disable improved incremental analysis. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. This feature is not yet available on GitHub Enterprise Server. <a href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/c10b8064de6f491fea524254123dbe5e09572f13"><code>c10b806</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3782">#3782</a> from github/update-v4.35.1-d6d1743b8</li> <li><a href="https://github.com/github/codeql-action/commit/c5ffd0683786820677d054e3505e1c5bb4b8c227"><code>c5ffd06</code></a> Update changelog for v4.35.1</li> <li><a href="https://github.com/github/codeql-action/commit/d6d1743b8ec7ecd94f78ad1ce4cb3d8d2ba58001"><code>d6d1743</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3781">#3781</a> from github/henrymercer/update-git-minimum-version</li> <li><a href="https://github.com/github/codeql-action/commit/65d2efa7333ad65f97cc54be40f4cd18630f884c"><code>65d2efa</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/2437b20ab31021229573a66717323dd5c6ce9319"><code>2437b20</code></a> Update minimum git version for overlay to 2.36.0</li> <li><a href="https://github.com/github/codeql-action/commit/ea5f71947c021286c99f61cc426a10d715fe4434"><code>ea5f719</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3775">#3775</a> from github/dependabot/npm_and_yarn/node-forge-1.4.0</li> <li><a href="https://github.com/github/codeql-action/commit/45ceeea896ba2293e10982f871198d1950ee13d6"><code>45ceeea</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3777">#3777</a> from github/mergeback/v4.35.0-to-main-b8bb9f28</li> <li><a href="https://github.com/github/codeql-action/commit/24448c98434f429f901d27db7ddae55eec5cc1c4"><code>24448c9</code></a> Rebuild</li> <li><a href="https://github.com/github/codeql-action/commit/7c510606312e5c68ac8b27c009e5254f226f5dfa"><code>7c51060</code></a> Update changelog and version after v4.35.0</li> <li><a href="https://github.com/github/codeql-action/commit/b8bb9f28b8d3f992092362369c57161b755dea45"><code>b8bb9f2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3776">#3776</a> from github/update-v4.35.0-0078ad667</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...c10b8064de6f491fea524254123dbe5e09572f13">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-04-07 11:24:29 +00:00
dependabot[bot]	37d937554e	ci: bump dorny/paths-filter from 3.0.2 to 4.0.1 in the github-actions group (#23435 ) Bumps the github-actions group with 1 update: [dorny/paths-filter](https://github.com/dorny/paths-filter). Updates `dorny/paths-filter` from 3.0.2 to 4.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dorny/paths-filter/releases">dorny/paths-filter's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h2>What's Changed</h2> <ul> <li>Support merge queue by <a href="https://github.com/masaru-iritani"><code>@masaru-iritani</code></a> in <a href="https://redirect.github.com/dorny/paths-filter/pull/255">dorny/paths-filter#255</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/masaru-iritani"><code>@masaru-iritani</code></a> made their first contribution in <a href="https://redirect.github.com/dorny/paths-filter/pull/255">dorny/paths-filter#255</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dorny/paths-filter/compare/v4.0.0...v4.0.1">https://github.com/dorny/paths-filter/compare/v4.0.0...v4.0.1</a></p> <h2>v4.0.0</h2> <h2>What's Changed</h2> <ul> <li>feat: update action runtime to node24 by <a href="https://github.com/saschabratton"><code>@saschabratton</code></a> in <a href="https://redirect.github.com/dorny/paths-filter/pull/294">dorny/paths-filter#294</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/saschabratton"><code>@saschabratton</code></a> made their first contribution in <a href="https://redirect.github.com/dorny/paths-filter/pull/294">dorny/paths-filter#294</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dorny/paths-filter/compare/v3.0.3...v4.0.0">https://github.com/dorny/paths-filter/compare/v3.0.3...v4.0.0</a></p> <h2>v3.0.3</h2> <h2>What's Changed</h2> <ul> <li>Add missing predicate-quantifier by <a href="https://github.com/wardpeet"><code>@wardpeet</code></a> in <a href="https://redirect.github.com/dorny/paths-filter/pull/279">dorny/paths-filter#279</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/wardpeet"><code>@wardpeet</code></a> made their first contribution in <a href="https://redirect.github.com/dorny/paths-filter/pull/279">dorny/paths-filter#279</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dorny/paths-filter/compare/v3...v3.0.3">https://github.com/dorny/paths-filter/compare/v3...v3.0.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md">dorny/paths-filter's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/294">Update action runtime to node24</a></li> </ul> <h2>v3.0.3</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/279">Add missing predicate-quantifier</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/224">Add config parameter for predicate quantifier</a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/133">Compare base and ref when token is empty</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/210">Update to Node.js 20</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/215">Update all dependencies</a></li> </ul> <h2>v2.11.1</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/167">Update <code>@actions/core</code> to v1.10.0 - Fixes warning about deprecated set-output</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/168">Document need for pull-requests: read permission</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/164">Updating to actions/checkout@v3</a></li> </ul> <h2>v2.11.0</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/157">Set list-files input parameter as not required</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/161">Update Node.js</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/162">Fix incorrect handling of Unicode characters in exec()</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/163">Use Octokit pagination</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/160">Updates real world links</a></li> </ul> <h2>v2.10.2</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/91">Fix getLocalRef() returns wrong ref</a></li> </ul> <h2>v2.10.1</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/85">Improve robustness of change detection</a></li> </ul> <h2>v2.10.0</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/82">Add ref input parameter</a></li> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/83">Fix change detection in PR when pullRequest.changed_files is incorrect</a></li> </ul> <h2>v2.9.3</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/78">Fix change detection when base is a tag</a></li> </ul> <h2>v2.9.2</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/75">Fix fetching git history</a></li> </ul> <h2>v2.9.1</h2> <ul> <li><a href="https://redirect.github.com/dorny/paths-filter/pull/74">Fix fetching git history + fallback to unshallow repo</a></li> </ul> <h2>v2.9.0</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dorny/paths-filter/commit/fbd0ab8f3e69293af611ebaee6363fc25e6d187d"><code>fbd0ab8</code></a> feat: add merge_group event support</li> <li><a href="https://github.com/dorny/paths-filter/commit/efb1da7ce8d89bbc261191e5a2dc1453c3837339"><code>efb1da7</code></a> feat: add dist/ freshness check to PR workflow</li> <li><a href="https://github.com/dorny/paths-filter/commit/d8f7b061b24c30a325ff314b76c37adb05b041ce"><code>d8f7b06</code></a> Merge pull request <a href="https://redirect.github.com/dorny/paths-filter/issues/302">#302</a> from dorny/issue-299</li> <li><a href="https://github.com/dorny/paths-filter/commit/addbc147a95845176e1bc013a012fbf1d366389a"><code>addbc14</code></a> Update README for v4</li> <li><a href="https://github.com/dorny/paths-filter/commit/9d7afb8d214ad99e78fbd4247752c4caed2b6e4c"><code>9d7afb8</code></a> Update CHANGELOG for v4.0.0</li> <li><a href="https://github.com/dorny/paths-filter/commit/782470c5d953cae2693d643172b14e01bacb71f3"><code>782470c</code></a> Merge branch 'releases/v3'</li> <li><a href="https://github.com/dorny/paths-filter/commit/d1c1ffe0248fe513906c8e24db8ea791d46f8590"><code>d1c1ffe</code></a> Update CHANGELOG for v3.0.3</li> <li><a href="https://github.com/dorny/paths-filter/commit/ce10459c8b92cd8901166c0a222fbb033ef39365"><code>ce10459</code></a> Merge pull request <a href="https://redirect.github.com/dorny/paths-filter/issues/294">#294</a> from saschabratton/master</li> <li><a href="https://github.com/dorny/paths-filter/commit/5f40380c5482e806c81cec080f5192e7234d8fe9"><code>5f40380</code></a> feat: update action runtime to node24</li> <li><a href="https://github.com/dorny/paths-filter/commit/668c092af3649c4b664c54e4b704aa46782f6f7c"><code>668c092</code></a> Merge pull request <a href="https://redirect.github.com/dorny/paths-filter/issues/279">#279</a> from wardpeet/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/dorny/paths-filter/compare/de90cc6fb38fc0963ad72b210f1f284cd68cea36...fbd0ab8f3e69293af611ebaee6363fc25e6d187d">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dorny/paths-filter&package-manager=github_actions&previous-version=3.0.2&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-03-24 15:06:13 +11:00
dependabot[bot]	abd7b7aeba	ci: bump the github-actions group across 1 directory with 9 updates (#23345 ) Bumps the github-actions group with 10 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.40.0` \| `1.44.0` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `6.0.0` \| `7.0.0` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.7.0` \| `4.0.0` \| \| [actions/attest](https://github.com/actions/attest) \| `3.2.0` \| `4.1.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `47.0.1` \| `47.0.5` \| \| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) \| `3.12.0` \| `4.0.0` \| \| [linear/linear-release-action](https://github.com/linear/linear-release-action) \| `0.4.0` \| `0.5.0` \| \| [benc-uk/workflow-dispatch](https://github.com/benc-uk/workflow-dispatch) \| `1.2.4` \| `1.3.1` \| \| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) \| `c1824fd6edce30d7ab345a9989de00bbd46ef284` \| `57a97c7e7821a5776cebc9bb87c984fa69cba8f1` \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| Updates `crate-ci/typos` from 1.40.0 to 1.44.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.44.0</h2> <h2>[1.44.0] - 2026-02-27</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1488">February 2026</a> changes</li> </ul> <h2>v1.43.5</h2> <h2>[1.43.5] - 2026-02-16</h2> <h3>Fixes</h3> <ul> <li><em>(pypi)</em> Hopefully fix the sdist build</li> </ul> <h2>v1.43.4</h2> <h2>[1.43.4] - 2026-02-09</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>pincher</code></li> </ul> <h2>v1.43.3</h2> <h2>[1.43.3] - 2026-02-06</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Adjust how typos are reported to github</li> </ul> <h2>v1.43.2</h2> <h2>[1.43.2] - 2026-02-05</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>certifi</code> in Python</li> </ul> <h2>v1.43.1</h2> <h2>[1.43.1] - 2026-02-03</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>consts</code></li> </ul> <h2>v1.43.0</h2> <h2>[1.43.0] - 2026-02-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1453">January 2026</a> changes</li> </ul> <h2>v1.42.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.44.0] - 2026-02-27</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1488">February 2026</a> changes</li> </ul> <h2>[1.43.5] - 2026-02-16</h2> <h3>Fixes</h3> <ul> <li><em>(pypi)</em> Hopefully fix the sdist build</li> </ul> <h2>[1.43.4] - 2026-02-09</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>pincher</code></li> </ul> <h2>[1.43.3] - 2026-02-06</h2> <h3>Fixes</h3> <ul> <li><em>(action)</em> Adjust how typos are reported to github</li> </ul> <h2>[1.43.2] - 2026-02-05</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>certifi</code> in Python</li> </ul> <h2>[1.43.1] - 2026-02-03</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>consts</code></li> </ul> <h2>[1.43.0] - 2026-02-02</h2> <h3>Compatibility</h3> <ul> <li>Bumped MSRV to 1.91</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/631208b7aac2daa8b707f55e7331f9112b0e062d"><code>631208b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/3d3c6e376823e66c4f3e2583fc47b8be83b66d71"><code>3d3c6e3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/ba1f545443d223c6bc2c821dad76c210fa78b46f"><code>ba1f545</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/102f66c093f0eb1a69937d3d1c589d5f16c5569b"><code>102f66c</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1510">#1510</a> from epage/feb</li> <li><a href="https://github.com/crate-ci/typos/commit/d303c9398affd88fc562292a2ec9433a37817b28"><code>d303c93</code></a> feat(dict): February updates</li> <li><a href="https://github.com/crate-ci/typos/commit/30eea72e385d435c00a24eeba0d96f87048f42ec"><code>30eea72</code></a> chore(ci): Update pre-build binary workflow</li> <li><a href="https://github.com/crate-ci/typos/commit/57b11c6b7e54c402ccd9cda953f1072ec4f78e33"><code>57b11c6</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/105ced22a5a7fedc36cbef6e5dec31b708e9ec5b"><code>105ced2</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/4f89be7e4a7933f8d9693a9da7a9e9258a8671ba"><code>4f89be7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1504">#1504</a> from schnellerhase/bump-maturin</li> <li><a href="https://github.com/crate-ci/typos/commit/d8547ad9c141d0e2c568b2344f0804a446ff25ab"><code>d8547ad</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1503">#1503</a> from 1195343015/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/2d0ce569feab1f8752f1dde43cc2f2aa53236e06...631208b7aac2daa8b707f55e7331f9112b0e062d">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 What's new</h2> <h3>Direct Uploads</h3> <p>Adds support for uploading single files directly (unzipped). Callers can set the new <code>archive</code> parameter to <code>false</code> to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The <code>name</code> parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.</p> <h3>ESM</h3> <p>To support new versions of the <code>@actions/*</code> packages, we've upgraded the package to ESM.</p> <h2>What's Changed</h2> <ul> <li>Add proxy integration test by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> <li>Upgrade the module to ESM and bump dependencies by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li> <li>Support direct file uploads by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Link"><code>@Link</code></a>- made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"><code>bbbca2d</code></a> Support direct file uploads (<a href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296"><code>589182c</code></a> Upgrade the module to ESM and bump dependencies (<a href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5"><code>47309c9</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a> from actions/Link-/add-proxy-integration-tests</li> <li><a href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0"><code>02a8460</code></a> Add proxy integration test</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.7.0 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> from 3.890.0 to 3.1000.0 in <a href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a> <a href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in <a href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a> <a href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/b45d80f862d83dbcd57f89517bcf500b2ab88fb2"><code>b45d80f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/929">#929</a> from crazy-max/node24</li> <li><a href="https://github.com/docker/login-action/commit/176cb9c12abea98dfe844071c0999ff6ee9688a7"><code>176cb9c</code></a> node 24 as default runtime</li> <li><a href="https://github.com/docker/login-action/commit/cad89843109a11cb6f69f52fe695c42cf69d57d3"><code>cad8984</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/920">#920</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/92cbcb231ed341e7dc71693351b21f5ba65f8349"><code>92cbcb2</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/5a2d6a71bd3e0cb4abb6faae33f3dde61ece8e5b"><code>5a2d6a7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/44512b6b2e08b878e82b107b394fcd1af5748e63"><code>44512b6</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/928">#928</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/login-action/commit/28737a5e46bc0c62910ef429b2e55f9cabbbd5df"><code>28737a5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/dac079354afbd8db4c3b58b8cc6946573479b2a6"><code>dac0793</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.76.0 to 0.77.0</li> <li><a href="https://github.com/docker/login-action/commit/62029f315d6d05c8646343320e4a1552e5f1c77a"><code>62029f3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/919">#919</a> from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li> <li><a href="https://github.com/docker/login-action/commit/08c8f064bf22a1c55918ee608a81d87b13cc4461"><code>08c8f06</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.2.0 to 4.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v4.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/362">actions/attest#362</a></li> <li>Bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/365">actions/attest#365</a></li> <li>Add new <code>subject-version</code> input for inclusion in storage record by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/364">actions/attest#364</a></li> <li>Add storage record content to README by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/366">actions/attest#366</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v4.0.0...v4.1.0">https://github.com/actions/attest/compare/v4.0.0...v4.1.0</a></p> <h2>v4.0.0</h2> <p>All of the capabilities of <a href="https://github.com/actions/attest-build-provenance"><code>actions/attest-build-provenance</code></a>, and <a href="https://github.com/actions/attest-sbom"><code>actions/attest-sbom</code></a> have now been folded into <code>actions/attest</code>.</p> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/core</code> from 2.0.1 to 2.0.2 in the npm-production group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/323">actions/attest#323</a></li> <li>Bump tar from 7.4.3 to 7.5.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/333">actions/attest#333</a></li> <li>Bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/324">actions/attest#324</a></li> <li>Bump <code>@actions/attest</code> from 2.1.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/325">actions/attest#325</a></li> <li>Bump tar from 7.4.3 to 7.5.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/337">actions/attest#337</a></li> <li>Bump <code>@isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/342">actions/attest#342</a></li> <li>Consolidate attestation actions by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/346">actions/attest#346</a></li> <li>ESM Conversion by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/347">actions/attest#347</a></li> <li>Test suite refactor by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/356">actions/attest#356</a></li> <li>Bump tar from 7.5.7 to 7.5.9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/354">actions/attest#354</a></li> <li>Bump version in package.json to v4.0.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/360">actions/attest#360</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.2.0...v4.0.0">https://github.com/actions/attest/compare/v3.2.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/59d89421af93a897026c735860bf21b6eb4f7b26"><code>59d8942</code></a> add storage record content to README (<a href="https://redirect.github.com/actions/attest/issues/366">#366</a>)</li> <li><a href="https://github.com/actions/attest/commit/ec072a1cb2a95a9fb38f16ee92f72e0270cbf263"><code>ec072a1</code></a> add new subject-version input (<a href="https://redirect.github.com/actions/attest/issues/364">#364</a>)</li> <li><a href="https://github.com/actions/attest/commit/8b290b8d865f4d5d2caca84a45d0de9620d2187a"><code>8b290b8</code></a> bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/365">#365</a>)</li> <li><a href="https://github.com/actions/attest/commit/35cfe2422ed5658cfc87b5cca7e50507f7d478da"><code>35cfe24</code></a> bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 (<a href="https://redirect.github.com/actions/attest/issues/362">#362</a>)</li> <li><a href="https://github.com/actions/attest/commit/c32b4b8b198b65d0bd9d63490e847ff7b53989d4"><code>c32b4b8</code></a> bump version in package.json to v4.0.0 (<a href="https://redirect.github.com/actions/attest/issues/360">#360</a>)</li> <li><a href="https://github.com/actions/attest/commit/1e73be196c8840af1fa1fbff376890066093a323"><code>1e73be1</code></a> Bump typescript-eslint in the npm-development group (<a href="https://redirect.github.com/actions/attest/issues/358">#358</a>)</li> <li><a href="https://github.com/actions/attest/commit/e1345cbec46c2ad797722d96bfa19e14e3548b70"><code>e1345cb</code></a> Bump the npm-development group across 1 directory with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/357">#357</a>)</li> <li><a href="https://github.com/actions/attest/commit/09cd5f66cb420c0389c6f725c641e08df274410e"><code>09cd5f6</code></a> Bump tar from 7.5.7 to 7.5.9 (<a href="https://redirect.github.com/actions/attest/issues/354">#354</a>)</li> <li><a href="https://github.com/actions/attest/commit/19ad753d23453c7b9e9caf8a907f1d9e08816359"><code>19ad753</code></a> test suite re-write (<a href="https://redirect.github.com/actions/attest/issues/356">#356</a>)</li> <li><a href="https://github.com/actions/attest/commit/7d7ff4475a8e98e172944ad0b6687ab116043a85"><code>7d7ff44</code></a> ESM Conversion (<a href="https://redirect.github.com/actions/attest/issues/347">#347</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d...59d89421af93a897026c735860bf21b6eb4f7b26">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 47.0.1 to 47.0.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v47.0.5</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v47.0.4 by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2802">tj-actions/changed-files#2802</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2803">tj-actions/changed-files#2803</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2805">tj-actions/changed-files#2805</a></li> <li>chore(deps-dev): bump <code>@types/node</code> from 25.2.2 to 25.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2811">tj-actions/changed-files#2811</a></li> <li>chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2810">tj-actions/changed-files#2810</a></li> <li>chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2809">tj-actions/changed-files#2809</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2799">tj-actions/changed-files#2799</a></li> <li>chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2806">tj-actions/changed-files#2806</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2775">tj-actions/changed-files#2775</a></li> <li>chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2774">tj-actions/changed-files#2774</a></li> <li>chore(deps): bump lodash and <code>@types/lodash</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2807">tj-actions/changed-files#2807</a></li> <li>chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2764">tj-actions/changed-files#2764</a></li> <li>chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2815">tj-actions/changed-files#2815</a></li> <li>chore(deps-dev): bump <code>@types/node</code> from 25.3.2 to 25.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2814">tj-actions/changed-files#2814</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5</a></p> <h2>v47.0.4</h2> <h2>What's Changed</h2> <ul> <li>update: release-tagger action to version 6.0.6 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2801">tj-actions/changed-files#2801</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4</a></p> <h2>v47.0.3</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2790">tj-actions/changed-files#2790</a></li> <li>update: release-tagger action to version 6.0.0 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2800">tj-actions/changed-files#2800</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3</a></p> <h2>v47.0.2</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump eslint-plugin-jest from 29.2.1 to 29.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2751">tj-actions/changed-files#2751</a></li> <li>chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2741">tj-actions/changed-files#2741</a></li> <li>chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2743">tj-actions/changed-files#2743</a></li> <li>chore(deps): bump <code>@actions/core</code> from 2.0.0 to 2.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2757">tj-actions/changed-files#2757</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2768">tj-actions/changed-files#2768</a></li> <li>chore: update dist by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2769">tj-actions/changed-files#2769</a></li> <li>chore: update matrix-example.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2752">tj-actions/changed-files#2752</a></li> <li>feat: add support for excluding symlinks and fix bug with commit not found by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2770">tj-actions/changed-files#2770</a></li> <li>chore(deps): bump github/codeql-action from 4.31.7 to 4.31.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2761">tj-actions/changed-files#2761</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2771">tj-actions/changed-files#2771</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.11.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2756">tj-actions/changed-files#2756</a></li> <li>chore(deps-dev): bump <code>@types/lodash</code> from 4.17.21 to 4.17.23 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2759">tj-actions/changed-files#2759</a></li> <li>fix: Update test.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2781">tj-actions/changed-files#2781</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">47.0.5</a> - (2026-03-03)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2805">#2805</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/35dace0375d89e25e78db5f0a44127b61f4e5c20">35dace0</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2803">#2803</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/9ee99eb5bda5d6a67fedcd50ecd24fb10add2f41">9ee99eb</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 25.3.2 to 25.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>) (<a href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323">22103cc</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 4.32.4 to 4.32.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182">6c02e90</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>) (<a href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2">05f9457</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump lodash and <code>@types/lodash</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>) (<a href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401">52ed872</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>) (<a href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c">1cc5746</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump prettier from 3.7.4 to 3.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>) (<a href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a">de2962f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 4.32.2 to 4.32.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>) (<a href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15">37e96cc</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014">2180b0f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1">cf021c1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 7.0.0 to 8.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53">b54ac6f</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 25.2.2 to 25.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2811">#2811</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0f2a510bd7ac84bc12cdc52c2094298bc26b1692">0f2a510</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v47.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2802">#2802</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/b7ac303c8684d5e668c6c810e61a6fe32a53fe25">b7ac303</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">47.0.4</a> - (2026-02-17)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Release-tagger action to version 6.0.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2801">#2801</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7dee1b0c1557f278e5c7dc244927139d78c0e22a">7dee1b0</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">47.0.3</a> - (2026-02-17)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Release-tagger action to version 6.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2800">#2800</a>) (<a href="https://github.com/tj-actions/changed-files/commit/28b28f6e4e9e3d997beb9dce86cfd8cf0ce7c7f6">28b28f6</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump github/codeql-action from 4.31.10 to 4.32.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2790">#2790</a>) (<a href="https://github.com/tj-actions/changed-files/commit/875e6e5df8b8b00995fe6f0afd7ff1531ac1c47d">875e6e5</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323"><code>22103cc</code></a> chore(deps-dev): bump <code>@types/node</code> from 25.3.2 to 25.3.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182"><code>6c02e90</code></a> chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2"><code>05f9457</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401"><code>52ed872</code></a> chore(deps): bump lodash and <code>@types/lodash</code> (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c"><code>1cc5746</code></a> chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a"><code>de2962f</code></a> chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15"><code>37e96cc</code></a> chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014"><code>2180b0f</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1"><code>cf021c1</code></a> chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53"><code>b54ac6f</code></a> chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/e0021407031f5be11a464abee9a0776171c79891...22103cc46bda19c2b464ffe86db46df6922fd323">compare view</a></li> </ul> </details> <br /> Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <ul> <li>Node 24 as default runtime (requires <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions Runner v2.327.1</a> or later) by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/483">docker/setup-buildx-action#483</a></li> <li>Remove deprecated inputs/outputs by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/464">docker/setup-buildx-action#464</a></li> <li>Switch to ESM and update config/test wiring by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/481">docker/setup-buildx-action#481</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 3.0.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/475">docker/setup-buildx-action#475</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.63.0 to 0.79.0 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/482">docker/setup-buildx-action#482</a> <a href="https://redirect.github.com/docker/setup-buildx-action/pull/485">docker/setup-buildx-action#485</a></li> <li>Bump js-yaml from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/452">docker/setup-buildx-action#452</a></li> <li>Bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/472">docker/setup-buildx-action#472</a></li> <li>Bump minimatch from 3.1.2 to 3.1.5 in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/480">docker/setup-buildx-action#480</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0">https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/setup-buildx-action/commit/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd"><code>4d04d5d</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/485">#485</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/cd74e05d9bae4eeec789f90ba15dc6fb4b60ae5d"><code>cd74e05</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/eee38ec7b3ed034ee896d3e212e5d11c04562b84"><code>eee38ec</code></a> build(deps): bump <code>@docker/actions-toolkit</code> from 0.77.0 to 0.79.0</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/7a83f65b5a215b3c81b210dafdc20362bd2b4e24"><code>7a83f65</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/484">#484</a> from docker/dependabot/github_actions/docker/setup-qe...</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a5aa96747d67f62520b42af91aeb306e7374b327"><code>a5aa967</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/464">#464</a> from crazy-max/rm-deprecated</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/e73d53fa4ed86ff46faaf2b13a228d6e93c51af3"><code>e73d53f</code></a> build(deps): bump docker/setup-qemu-action from 3 to 4</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/28a438e9ed9ef7ae2ebd0bf839039005c9501312"><code>28a438e</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/483">#483</a> from crazy-max/node24</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/034e9d37dd436b56b0167bea5a11ab731413e8cf"><code>034e9d3</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/b4664d8fd0ba15ff14560ab001737c666076d5be"><code>b4664d8</code></a> remove deprecated inputs/outputs</li> <li><a href="https://github.com/docker/setup-buildx-action/commit/a8257dec35f244ad06b4ff6c90fdd2ba97f262ba"><code>a8257de</code></a> node 24 as default runtime</li> <li>Additional commits viewable in <a href="https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd">compare view</a></li> </ul> </details> <br /> Updates `linear/linear-release-action` from 0.4.0 to 0.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/linear/linear-release-action/releases">linear/linear-release-action's releases</a>.</em></p> <blockquote> <h2>v0.5.0</h2> <h2>What's Changed</h2> <ul> <li>Documentation improvements by <a href="https://github.com/RomainCscn"><code>@RomainCscn</code></a> in <a href="https://redirect.github.com/linear/linear-release-action/pull/8">linear/linear-release-action#8</a></li> <li>Add support for release_version, same as the CLI by <a href="https://github.com/RomainCscn"><code>@RomainCscn</code></a> in <a href="https://redirect.github.com/linear/linear-release-action/pull/9">linear/linear-release-action#9</a></li> <li>Set CLI version default to latest</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0">https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/linear/linear-release-action/commit/5cbaabc187ceb63eee9d446e62e68e5c29a03ae8"><code>5cbaabc</code></a> Make latest the default cli version</li> <li><a href="https://github.com/linear/linear-release-action/commit/7fb27ceb7e17ef4353a87f85f4fc1e3d3416c057"><code>7fb27ce</code></a> Add support for release_version, same as the CLI (<a href="https://redirect.github.com/linear/linear-release-action/issues/9">#9</a>)</li> <li><a href="https://github.com/linear/linear-release-action/commit/fbf0176c7348aa6444e5e3d14db454cb4f4baab8"><code>fbf0176</code></a> Ensure name is properly used when creating scheduled release (<a href="https://redirect.github.com/linear/linear-release-action/issues/8">#8</a>)</li> <li>See full diff in <a href="https://github.com/linear/linear-release-action/compare/v0.4.0...5cbaabc187ceb63eee9d446e62e68e5c29a03ae8">compare view</a></li> </ul> </details> <br /> Updates `benc-uk/workflow-dispatch` from 1.2.4 to 1.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/benc-uk/workflow-dispatch/releases">benc-uk/workflow-dispatch's releases</a>.</em></p> <blockquote> <h2>v1.3.1</h2> <h2>Features</h2> <ul> <li><strong>New <code>sync-status</code> input</strong> — when used with <code>wait-for-completion</code>, mirrors the triggered workflow's conclusion (failure/cancelled) back to this action's status (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Alternate <code>ref</code> default for PRs</strong> — automatically uses <code>github.head_ref</code> when running in a pull request context, avoiding <code>refs/pull/.../merge</code> errors (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li> </ul> <h2>Bug Fixes</h2> <ul> <li><strong>Safer JSON input parsing</strong> — invalid <code>inputs</code> JSON now logs an error instead of throwing an unhandled exception (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Improved timeout handling</strong> — timeout now sets a distinct <code>timed_out</code> status and emits a warning instead of silently breaking (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><strong>Improved warning message formatting</strong> for workflow run timeout</li> </ul> <h2>Internal Changes & Chores</h2> <ul> <li>Replaced <code>console.log</code> calls with <code>core.info</code> for proper Actions log integration (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Removed stale <code>ref</code>/<code>inputs</code> parameters from the workflow list API call (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Expanded CI test matrix from 3 sequential steps to 9 parallel test jobs covering workflow lookup, output assertions, wait-for-completion, sync-status, and error handling (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Added CI path filters to skip docs-only changes (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Changed echo-3 test fixture from <code>workflow_call</code> to <code>workflow_dispatch</code> with deterministic failure (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Removed unused <code>.vscode/settings.json</code> (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>Added <code>.github/copilot-instructions.md</code> (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li>General project chores</li> </ul> <h2>Documentation Updates</h2> <ul> <li>No documentation updates in this release</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/7a027648b88c2413826b6ddd6c76114894dc5ec4"><code>7a02764</code></a> Improvements: sync-status, error handling, CI test coverage & path filters (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/3162154e5e0697f47fb76f12ed5508c5f3c066d7"><code>3162154</code></a> Use alternate <code>ref</code> default for PRs (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/4085c9787530f7d3f497838f77fce7b96a554397"><code>4085c97</code></a> project chores</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/6fd6de2826a993af5b50dfb55da903d4f1ca05ee"><code>6fd6de2</code></a> Improve warning message formatting for workflow run timeout</li> <li><a href="https://github.com/benc-uk/workflow-dispatch/commit/a54f9d194fed472732282ed1597dc4909e4b4080"><code>a54f9d1</code></a> 2026 refresh (<a href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/83">#83</a>)</li> <li>See full diff in <a href="https://github.com/benc-uk/workflow-dispatch/compare/e2e5e9a103e331dad343f381a29e654aea3cf8fc...7a027648b88c2413826b6ddd6c76114894dc5ec4">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from c1824fd6edce30d7ab345a9989de00bbd46ef284 to 57a97c7e7821a5776cebc9bb87c984fa69cba8f1 \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/57a97c7e7821a5776cebc9bb87c984fa69cba8f1"><code>57a97c7</code></a> chore(deps): Update trivy to v0.69.3 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/519">#519</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/97e0b3872f55f89b95b2f65b3dbab56962816478"><code>97e0b38</code></a> chore: bump Trivy version to v0.69.2 in test workflow and README (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/515">#515</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/4c61e6329bab9be735ca35291551614bc663dff3"><code>4c61e63</code></a> chore: bump default Trivy version to v0.69.2 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/513">#513</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/1bd062560b422f5944df1de50abd05162bea079e"><code>1bd0625</code></a> Merge pull request <a href="https://redirect.github.com/aquasecurity/trivy-action/issues/508">#508</a> from nikpivkin/feat/pass-yaml-ignore-file</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/bce3086c4aa186dadd6671d45ad6dd5d1b8440ac"><code>bce3086</code></a> remove unused init-cache target</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/5a9fbb1236dc1b5ee9e73b5a515009a1dc684548"><code>5a9fbb1</code></a> supress progress bar when download db</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/16154502cae788884830e8df2671639b8cbaa03f"><code>1615450</code></a> update trivyignores input description</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/df85774a457f1f0a32a8e5744c2bced057257d65"><code>df85774</code></a> add comment about fd3</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/56c8daebb96c35cabeeda8187a6dd3ec711d0a72"><code>56c8dae</code></a> remove unused variable</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li><a href="https://github.com/aquasecurity/trivy-action/commit/e368e328979b113139d6f9068e03accaed98a518"><code>e368e32</code></a> ci(test): add zizmor security linter for GitHub Actions (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/502">#502</a>)</li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| <li>Additional commits viewable in <a href="https://github.com/aquasecurity/trivy-action/compare/c1824fd6edce30d7ab345a9989de00bbd46ef284...57a97c7e7821a5776cebc9bb87c984fa69cba8f1">compare view</a></li> \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.14.2` \| `2.16.0` \| </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Atif Ali <atif@coder.com>	2026-03-20 02:59:50 +00:00
dependabot[bot]	06cfe2705a	ci: bump the github-actions group with 3 updates (#22125 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [depot/setup-action](https://github.com/depot/setup-action) and [depot/build-push-action](https://github.com/depot/build-push-action). Updates `step-security/harden-runner` from 2.14.1 to 2.14.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.2</h2> <h2>What's Changed</h2> <p>Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See <a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq">GHSA-cpmj-h4f6-r6pq</a> for details.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2">https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/5ef0c079ce82195b2a36a210272d6b661572d83e"><code>5ef0c07</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/635">#635</a> from step-security/rc-34</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb43c7b3fd5a30c42ff1ab84b494f1cc6c7cc3b6"><code>eb43c7b</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e">compare view</a></li> </ul> </details> <br /> Updates `depot/setup-action` from 1.6.0 to 1.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/setup-action/releases">depot/setup-action's releases</a>.</em></p> <blockquote> <h2>v1.7.1</h2> <h2>What's Changed</h2> <ul> <li>Update release workflow to ubuntu-latest (<a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.7.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/setup-action/commit/15c09a5f77a0840ad4bce955686522a257853461"><code>15c09a5</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/19">#19</a> from depot/jacobwgillespie-patch-1</li> <li><a href="https://github.com/depot/setup-action/commit/3194a53ed0aa42e00bc88f2411ab49d3f60219ba"><code>3194a53</code></a> Update release workflow to ubuntu-latest</li> <li><a href="https://github.com/depot/setup-action/commit/c0b08c3ba30137f89e75961508b587484558ff0f"><code>c0b08c3</code></a> Merge pull request <a href="https://redirect.github.com/depot/setup-action/issues/18">#18</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/setup-action/commit/23e67ebf8b5a313459580616cd34c7787607ac86"><code>23e67eb</code></a> chore: update action dependencies</li> <li><a href="https://github.com/depot/setup-action/commit/0886069e678860faf0d22c46e9f154d35beaa529"><code>0886069</code></a> chore: update node to v24</li> <li>See full diff in <a href="https://github.com/depot/setup-action/compare/b0b1ea4f69e92ebf5dea3f8713a1b0c37b2126a5...15c09a5f77a0840ad4bce955686522a257853461">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.16.2 to 1.17.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.17.0</h2> <h2>What's Changed</h2> <ul> <li>chore: update node to v24 (<a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a>) <a href="https://github.com/WitoDelnat"><code>@WitoDelnat</code></a></li> <li>Fix typo (<a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a>) <a href="https://github.com/gavrie"><code>@gavrie</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/5f3b3c2e5a00f0093de47f657aeaefcedff27d18"><code>5f3b3c2</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/46">#46</a> from depot/wito/dep-2955-update-our-actions-to-use-nod...</li> <li><a href="https://github.com/depot/build-push-action/commit/1c8a5de5bf842e36234a9f65b76b66173541193f"><code>1c8a5de</code></a> chore: update actions dependency</li> <li><a href="https://github.com/depot/build-push-action/commit/88deb2d202089ac6bada8368187086a1d5cb6daa"><code>88deb2d</code></a> chore: update node to v24</li> <li><a href="https://github.com/depot/build-push-action/commit/eb4edcff909a80720d31732b633e4691b0c7cf02"><code>eb4edcf</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/45">#45</a> from gavrie/fix-typo</li> <li><a href="https://github.com/depot/build-push-action/commit/b7a09de6c74816aaa562b09c2d4082c63c68629a"><code>b7a09de</code></a> Fix typo</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/9785b135c3c76c33db102e45be96a25ab55cd507...5f3b3c2e5a00f0093de47f657aeaefcedff27d18">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-16 13:24:16 +00:00
dependabot[bot]	19d24075da	ci: bump the github-actions group with 4 updates (#22010 ) Bumps the github-actions group with 4 updates: [actions/cache](https://github.com/actions/cache), [docker/login-action](https://github.com/docker/login-action), [actions/attest](https://github.com/actions/attest) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/cache` from 5.0.2 to 5.0.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.3</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.3">https://github.com/actions/cache/compare/v5...v5.0.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>How to prepare a release</h2> <blockquote> <p>[!NOTE]<br /> Relevant for maintainers with write access only.</p> </blockquote> <ol> <li>Switch to a new branch from <code>main</code>.</li> <li>Run <code>npm test</code> to ensure all tests are passing.</li> <li>Update the version in <a href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li> <li>Run <code>npm run build</code> to update the compiled files.</li> <li>Update this <a href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a> with the new version and changes in the <code>## Changelog</code> section.</li> <li>Run <code>licensed cache</code> to update the license report.</li> <li>Run <code>licensed status</code> and resolve any warnings by updating the <a href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a> file with the exceptions.</li> <li>Commit your changes and push your branch upstream.</li> <li>Open a pull request against <code>main</code> and get it reviewed and merged.</li> <li>Draft a new release <a href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a> use the same version number used in <code>package.json</code> <ol> <li>Create a new tag with the version number.</li> <li>Auto generate release notes and update them to match the changes you made in <code>RELEASES.md</code>.</li> <li>Toggle the set as the latest release option.</li> <li>Publish the release.</li> </ol> </li> <li>Navigate to <a href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a> <ol> <li>There should be a workflow run queued with the same version number.</li> <li>Approve the run to publish the new version and update the major tags for this action.</li> </ol> </li> </ol> <h2>Changelog</h2> <h3>5.0.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li> <li>Bump <code>@actions/core</code> to v2.0.3</li> </ul> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1695">#1695</a> from actions/Link-/prepare-5.0.3</li> <li><a href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a> Add review for the <code>@actions/http-client</code> license</li> <li><a href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a> Upgrade dependencies and address security warnings</li> <li><a href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a> Add 5.0.3 builds</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/8b402f58fbc84540c8b491a91e594a4576fec3d7...cdf6c1fa76f9f475f3d7449005a359c84ca0f306">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.6.0 to 3.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.7.0</h2> <ul> <li>Add <code>scope</code> input to set scopes for the authentication token by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li> <li>Add support for AWS European Sovereign Cloud ECR by <a href="https://github.com/dphi"><code>@dphi</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li> <li>Ensure passwords are redacted with <code>registry-auth</code> input by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li> <li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9"><code>c94ce9f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/915">#915</a> from docker/dependabot/npm_and_yarn/lodash-4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef"><code>8339c95</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/912">#912</a> from docker/scope</li> <li><a href="https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a"><code>c83e932</code></a> build(deps): bump lodash from 4.17.21 to 4.17.23</li> <li><a href="https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705"><code>b268aa5</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1"><code>a603229</code></a> documentation for scope input</li> <li><a href="https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da"><code>7567f92</code></a> Add scope input to set scopes for the authentication token</li> <li><a href="https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f"><code>0567fa5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/914">#914</a> from dphi/add-support-for-amazonaws.eu</li> <li><a href="https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e"><code>f6ef577</code></a> feat: add support for AWS European Sovereign Cloud ECR registries</li> <li><a href="https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b"><code>916386b</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/911">#911</a> from crazy-max/ensure-redact</li> <li><a href="https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd"><code>5b3f94a</code></a> chore: update generated content</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 3.1.0 to 3.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump the npm-development group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/320">actions/attest#320</a></li> <li>Validate repository org-ownership before storage record creation by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/328">actions/attest#328</a></li> <li>Update version to 3.2.0 by <a href="https://github.com/malancas"><code>@malancas</code></a> in <a href="https://redirect.github.com/actions/attest/pull/334">actions/attest#334</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v3.1.0...v3.2.0">https://github.com/actions/attest/compare/v3.1.0...v3.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d"><code>e59cbc1</code></a> Update version to 3.2.0 (<a href="https://redirect.github.com/actions/attest/issues/334">#334</a>)</li> <li><a href="https://github.com/actions/attest/commit/20eb46ce7aac0a8d0fb0ba74463460bff36cc0bd"><code>20eb46c</code></a> Validate repository org-ownership before storage record creation (<a href="https://redirect.github.com/actions/attest/issues/328">#328</a>)</li> <li><a href="https://github.com/actions/attest/commit/7433fa7e7a4d4084bbd71358379fa9b45ce9d4d7"><code>7433fa7</code></a> Update <code>undici</code> development dependency to the latest version (<a href="https://redirect.github.com/actions/attest/issues/332">#332</a>)</li> <li><a href="https://github.com/actions/attest/commit/c03bf4160d4018cb293f5dcbf204e47c1b2808e1"><code>c03bf41</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/320">#320</a>)</li> <li>See full diff in <a href="https://github.com/actions/attest/compare/7667f588f2f73a90cea6c7ac70e78266c4f76616...e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.1 to 7.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.2</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Fix: Nix versions under <code>v2.33</code> not supported by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/295">nix-community/cache-nix-action#295</a></li> <li>Use a more precise check by <a href="https://github.com/deemp"><code>@deemp</code></a> in 47869c4cbb023c803424e7311f07a744a2d66296</li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.0 to 8.53.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/284">nix-community/cache-nix-action#284</a></li> <li>chore(deps): bump DeterminateSystems/determinate-nix-action from 3.15.1 to 3.15.2 in the minor-actions-dependencies group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/288">nix-community/cache-nix-action#288</a></li> <li>chore(deps-dev): bump eslint-config-love from 144.0.0 to 147.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/287">nix-community/cache-nix-action#287</a></li> <li>chore(deps-dev): bump prettier from 3.8.0 to 3.8.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/286">nix-community/cache-nix-action#286</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/290">nix-community/cache-nix-action#290</a></li> <li>chore(deps): bump <code>@actions/github</code> from 7.0.0 to 8.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/291">nix-community/cache-nix-action#291</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.53.1 to 8.54.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/289">nix-community/cache-nix-action#289</a></li> <li>chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/294">nix-community/cache-nix-action#294</a></li> </ul> <!-- raw HTML omitted --> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/7df957e333c1e5da7721f60227dbba6d06080569"><code>7df957e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/47869c4cbb023c803424e7311f07a744a2d66296"><code>47869c4</code></a> fix(action): use a more precise check</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/eca69c462eda8455304862773d53bfe08a7c1fad"><code>eca69c4</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/295">#295</a> from nix-community/nix-versions-under-v233-not-supported</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b6fd2e3f7b9992c952409248b26c3806976ca922"><code>b6fd2e3</code></a> feat(ci): add test with Nix version <2.33</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/ddd9cbc8ee25d0dbd64bc7bf380398d810fedcc0"><code>ddd9cbc</code></a> fix(ci): bump action version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/922e9060c19ec2c406a055d4255ec1760e0af798"><code>922e906</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4038f94ae961f71f156295e34fc27af3846cb555"><code>4038f94</code></a> refactor(action): rename constants for command results</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/dfde4d35b86aa2875e5829cfc8b6c2d4c203ab9b"><code>dfde4d3</code></a> fix(action): choose command based on the Nix version</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/4b2dd9ec99b6d72fad66eeff381bc94d20d7207d"><code>4b2dd9e</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/294">#294</a> from nix-community/dependabot/npm_and_yarn/eslint-con...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/273d1a77100543feec627c2bdd09b6c7060b88ab"><code>273d1a7</code></a> chore(deps-dev): bump eslint-config-love from 147.0.0 to 149.0.0</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/106bba72ed8e29c8357661199511ef07790175e9...7df957e333c1e5da7721f60227dbba6d06080569">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-09 13:35:13 +00:00
dependabot[bot]	1276b9d9b7	ci: bump the github-actions group with 2 updates (#21846 ) [//]: # (dependabot-start) ⚠️ Dependabot is rebasing this PR ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [actions/setup-java](https://github.com/actions/setup-java). Updates `step-security/harden-runner` from 2.14.0 to 2.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.1</h2> <h2>What's Changed</h2> <ol> <li> <p>In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.</p> </li> <li> <p>Fixed npm audit vulnerabilities</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1">https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9"><code>e3f713f</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/631">#631</a> from step-security/rc-31</li> <li><a href="https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b"><code>423acdd</code></a> chore: fix npm audit vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7"><code>0ddb86c</code></a> update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.1.0 to 5.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.2.0</h2> <h2>What's Changed</h2> <h3>Enhancement</h3> <ul> <li>Retry on HTTP 522 Connection timed out by <a href="https://github.com/findepi"><code>@findepi</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <h3>Documentation Changes</h3> <ul> <li>Update gradle caching by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/972">actions/setup-java#972</a></li> <li>Update checkout to v6 by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/973">actions/setup-java#973</a></li> </ul> <h3>Dependency Updates</h3> <ul> <li>Upgrade <code>@actions/cache</code> to v5 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/968">actions/setup-java#968</a></li> <li>Upgrade actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/961">actions/setup-java#961</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/findepi"><code>@findepi</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.2.0">https://github.com/actions/setup-java/compare/v5...v5.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/be666c2fcd27ec809703dec50e508c2fdc7f6654"><code>be666c2</code></a> Chore: Version Update and Checkout Update to v6 (<a href="https://redirect.github.com/actions/setup-java/issues/973">#973</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/f7a6fefba97e80156950e16f2a9dafc8579b7d05"><code>f7a6fef</code></a> Bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/actions/setup-java/issues/961">#961</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d81c4e45f3ac973cc936d79104023e20054ba578"><code>d81c4e4</code></a> Upgrade <code>@actions/cache</code> to v5 (<a href="https://redirect.github.com/actions/setup-java/issues/968">#968</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/1b1bbe1085cb6ab21b5b19b7bebc091a9430026a"><code>1b1bbe1</code></a> readme update (<a href="https://redirect.github.com/actions/setup-java/issues/972">#972</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/5d7b2146334bacf88728daaa70414a99f5164e0f"><code>5d7b214</code></a> Retry on HTTP 522 Connection timed out (<a href="https://redirect.github.com/actions/setup-java/issues/964">#964</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/f2beeb24e141e01a676f977032f5a29d81c9e27e...be666c2fcd27ec809703dec50e508c2fdc7f6654">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-02 13:53:07 +00:00
dependabot[bot]	bb186b8699	ci: bump the github-actions group across 1 directory with 4 updates (#21683 ) Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache), [chromaui/action](https://github.com/chromaui/action) and [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action). Updates `actions/checkout` from 6.0.1 to 6.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.2</h2> <h2>What's Changed</h2> <ul> <li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v6.0.2</h2> <ul> <li>Fix tag handling: preserve annotations and explicit fetch-tags by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li> </ul> <h2>v6.0.1</h2> <ul> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> </ul> <h2>v6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>v5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>v5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>v4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>v4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a> Fix tag handling: preserve annotations and explicit fetch-tags (<a href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li> <li><a href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a> Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 5.0.1 to 5.0.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v.5.0.2</h2> <h1>v5.0.2</h1> <h2>What's Changed</h2> <p>When creating cache entries, 429s returned from the cache service will not be retried.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v5.0.3 <a href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li> </ul> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1692">#1692</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a> license for httpclient</li> <li><a href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a> Update licensed record for cache</li> <li><a href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a> Build</li> <li><a href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a> Add PR link to releases</li> <li><a href="https://github.com/actions/cache/commit/9b8ca9f07e012351dafbf1c878e8fe2ee9a01c84"><code>9b8ca9f</code></a> Bump actions/cache to 5.0.3</li> <li>See full diff in <a href="https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...8b402f58fbc84540c8b491a91e594a4576fec3d7">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.4 to 13.3.5 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/07791f8243f4cb2698bf4d00426baf4b2d1cb7e0"><code>07791f8</code></a> v13.3.5</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694...07791f8243f4cb2698bf4d00426baf4b2d1cb7e0">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 7.0.0 to 7.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v7.0.1</h2> <h2>What's Changed</h2> <h2>Fixed</h2> <ul> <li>Checkpoint Nix store database before saving cache by <a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> <li>Checkpoint Nix store database before copying it by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/279">nix-community/cache-nix-action#279</a></li> </ul> <h2>Fixed (CI)</h2> <ul> <li>Fix formatting in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/280">nix-community/cache-nix-action#280</a></li> <li>Fix workflows for PRs in CI by <a href="https://github.com/deemp"><code>@deemp</code></a> in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/281">nix-community/cache-nix-action#281</a></li> </ul> <h2>Changed (deps)</h2> <!-- raw HTML omitted --> <ul> <li>chore(deps): bump <code>@actions/github</code> from 6.0.1 to 7.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/272">nix-community/cache-nix-action#272</a></li> <li>chore(deps-dev): bump eslint-config-love from 140.0.0 to 144.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/271">nix-community/cache-nix-action#271</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/269">nix-community/cache-nix-action#269</a></li> <li>chore(deps-dev): bump eslint-plugin-jest from 29.12.0 to 29.12.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/266">nix-community/cache-nix-action#266</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.51.0 to 8.52.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/268">nix-community/cache-nix-action#268</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/parser</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/273">nix-community/cache-nix-action#273</a></li> <li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/277">nix-community/cache-nix-action#277</a></li> <li>chore(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> from 8.52.0 to 8.53.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/274">nix-community/cache-nix-action#274</a></li> </ul> <!-- raw HTML omitted --> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/CathalMullan"><code>@CathalMullan</code></a> made their first contribution in <a href="https://redirect.github.com/nix-community/cache-nix-action/pull/278">nix-community/cache-nix-action#278</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1">https://github.com/nix-community/cache-nix-action/compare/v7...v7.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/106bba72ed8e29c8357661199511ef07790175e9"><code>106bba7</code></a> fix(ci): use a modern command</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b244431fab1b7abe5a59cdf0a5333321adfc040f"><code>b244431</code></a> chore: update src</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/052bf75174c2526e286675ef224b3ed819ca069b"><code>052bf75</code></a> chore: update docs</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c19319ee78cf2c8fdae7caec6d618d8d2f103a63"><code>c19319e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/e3b90182d2cfa77237ff1a124c0017402fe96732"><code>e3b9018</code></a> feat(action): add comment about checkpointing after database merging</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/05419d3e13bd8048ce71089f751a60193e8b2520"><code>05419d3</code></a> feat(readme): mention that the action may affect the workflow speed</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/0c043090a02147aa5edf074d1b0b7ccae887fd53"><code>0c04309</code></a> refactor(readme): group limitations and list them in separate sections</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/084a7ec7cc80327648e51c57b90e12b596675f40"><code>084a7ec</code></a> fix(github): adress linter comments and format templates</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b23f7c961d5d57e86f703e0526f2b35fc9223c12"><code>b23f7c9</code></a> fix(ci): don't fail-fast</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/6b5a012f6e29cda21881bcb0432a5350d18b44ad"><code>6b5a012</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/281">#281</a> from nix-community/fix-prs</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/b426b118b6dc86d6952988d396aa7c6b09776d08...106bba72ed8e29c8357661199511ef07790175e9">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-01-26 13:20:40 +00:00
dependabot[bot]	3f13859ade	ci: bump the github-actions group with 4 updates (#21370 ) Bumps the github-actions group with 4 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `step-security/harden-runner` from 2.13.2 to 2.14.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.14.0</h2> <h2>What's Changed</h2> <ul> <li>Selective installation: Harden-Runner now skips installation on GitHub-hosted runners when the repository has a custom property skip_harden_runner, allowing organizations to opt out specific repos.</li> <li>Avoid double install: The action no longer installs Harden-Runner if it’s already present on a GitHub-hosted runner, which could happen when a composite action also installs it.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0">https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0</a></p> <h2>v2.13.3</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where process events were not uploaded in certain edge cases.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3">https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/20cf305ff2072d973412fa9b1e3a4f227bda3c76"><code>20cf305</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/622">#622</a> from step-security/feature/custom-property-skip</li> <li><a href="https://github.com/step-security/harden-runner/commit/c51e8eeb6c4fdcd08f65e43a051dacdbfaa69702"><code>c51e8ee</code></a> feat: skip agent install and post step on subsequent runs for GitHub-hosted r...</li> <li><a href="https://github.com/step-security/harden-runner/commit/e152b90204c3d85cefa1441b701a47a13ed28bd7"><code>e152b90</code></a> feat: skip harden-runner based on repository custom property</li> <li><a href="https://github.com/step-security/harden-runner/commit/ee1faec052d1000061fa79a13e030db11b3f86bd"><code>ee1faec</code></a> feat: replace skip-harden-runner with skip-on-custom-property input</li> <li><a href="https://github.com/step-security/harden-runner/commit/1dc7c1764659d537dab2a854b8e165a801103eb1"><code>1dc7c17</code></a> feat: add skip-harden-runner input to conditionally skip execution</li> <li><a href="https://github.com/step-security/harden-runner/commit/df199fb7be9f65074067a9eb93f12bb4c5547cf2"><code>df199fb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/620">#620</a> from step-security/rc-29</li> <li><a href="https://github.com/step-security/harden-runner/commit/03d096a772368b1f0222005a6899d3e35a7f62df"><code>03d096a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/40901073af04afd40408833437092a7467798f33"><code>4090107</code></a> fix: update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...20cf305ff2072d973412fa9b1e3a4f227bda3c76">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.3.0 to 5.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v5.0.1</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h1>v5.0.1</h1> <h2>What's Changed</h2> <ul> <li>fix: update <code>@actions/cache</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1685">actions/cache#1685</a></li> <li>prepare release v5.0.1 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1686">actions/cache#1686</a></li> </ul> <h1>v5.0.0</h1> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v5...v5.0.1">https://github.com/actions/cache/compare/v5...v5.0.1</a></p> <h2>v5.0.0</h2> <blockquote> <p>[!IMPORTANT] <strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>.</strong></p> <p>If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <hr /> <h2>What's Changed</h2> <ul> <li>Upgrade to use node24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4.3.0...v5.0.0">https://github.com/actions/cache/compare/v4.3.0...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h2>Changelog</h2> <h3>5.0.1</h3> <ul> <li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via <code>@actions/cache@5.0.1</code> <a href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li> </ul> <h3>5.0.0</h3> <blockquote> <p>[!IMPORTANT] <code>actions/cache@v5</code> runs on the Node.js 24 runtime and requires a minimum Actions Runner version of <code>2.327.1</code>. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>4.3.0</h3> <ul> <li>Bump <code>@actions/cache</code> to <a href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li> </ul> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/9255dc7a253b0ccc959486e2bca901246202afeb"><code>9255dc7</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1686">#1686</a> from actions/cache-v5.0.1-release</li> <li><a href="https://github.com/actions/cache/commit/8ff5423e8b66eacab4e638ee52abbd2cb831366a"><code>8ff5423</code></a> chore: release v5.0.1</li> <li><a href="https://github.com/actions/cache/commit/9233019a152bc768059ac1768b8e4403b5da16c1"><code>9233019</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1685">#1685</a> from salmanmkc/node24-storage-blob-fix</li> <li><a href="https://github.com/actions/cache/commit/b975f2bb844529e1063ad882c609b224bcd66eb6"><code>b975f2b</code></a> fix: add peer property to package-lock.json for dependencies</li> <li><a href="https://github.com/actions/cache/commit/d0a0e1813491d01d574c95f8d189f62622bbb2ae"><code>d0a0e18</code></a> fix: update license files for <code>@actions/cache</code>, fast-xml-parser, and strnum</li> <li><a href="https://github.com/actions/cache/commit/74de208dcfcbe85c0e7154e7b17e4105fe2554ff"><code>74de208</code></a> fix: update <code>@actions/cache</code> to ^5.0.1 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/cache/commit/ac7f1152ead02e89c14b5456d14ab17591e74cfb"><code>ac7f115</code></a> peer</li> <li><a href="https://github.com/actions/cache/commit/b0f846b50b6061d7a2ca6f1a2fea61d4a65d1a16"><code>b0f846b</code></a> fix: update <code>@actions/cache</code> with storage-blob fix for Node.js 24 punycode depr...</li> <li><a href="https://github.com/actions/cache/commit/a7833574556fa59680c1b7cb190c1735db73ebf0"><code>a783357</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1684">#1684</a> from actions/prepare-cache-v5-release</li> <li><a href="https://github.com/actions/cache/commit/3bb0d78750a39cefce0c2b5a0a9801052b4359ad"><code>3bb0d78</code></a> docs: highlight v5 runner requirement in releases</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...9255dc7a253b0ccc959486e2bca901246202afeb">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>v6 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Upload Artifact Node 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li> <li>fix: update <code>@actions/artifact</code> for Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li> <li>prepare release v6.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a> from actions/upload-artifact-v6-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a> docs: correct description of Node.js 24 support in README</li> <li><a href="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a> docs: update README to correct action name for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a> chore: release v6.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a> chore: rebuild dist</li> <li><a href="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a> chore: add missing license cache files for <code>@actions/core</code>, <code>@actions/io</code>, and mi...</li> <li><a href="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a> chore: update license files for <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li> <li><a href="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/330a01c490aca151604b8cf639adc76d48f6c5d4...b7c566a772e6b6bfb58ed0dc250532a479d7789f">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 6.0.0 to 7.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 - What's new</h2> <blockquote> <p>[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (<code>runs.using: node24</code>) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.</p> </blockquote> <h3>Node.js 24</h3> <p>This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.</p> <h2>What's Changed</h2> <ul> <li>Update GHES guidance to include reference to Node 20 version by <a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li>Download Artifact Node24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> <li>fix: update <code>@actions/artifact</code> to fix Node.js 24 punycode deprecation by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/451">actions/download-artifact#451</a></li> <li>prepare release v7.0.0 for Node.js 24 support by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/452">actions/download-artifact#452</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0">https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/37930b1c2abaa49bbe596cd826c3c89aef350131"><code>37930b1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/452">#452</a> from actions/download-artifact-v7-release</li> <li><a href="https://github.com/actions/download-artifact/commit/72582b9e0acd370909e83fa4a1fd0fca3ad452d8"><code>72582b9</code></a> doc: update readme</li> <li><a href="https://github.com/actions/download-artifact/commit/0d2ec9d4cbcefe257d822f108de2a1f15f8da9f6"><code>0d2ec9d</code></a> chore: release v7.0.0 for Node.js 24 support</li> <li><a href="https://github.com/actions/download-artifact/commit/fd7ae8fda6dc16277a9ffbc91cdb0eedf156e912"><code>fd7ae8f</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/451">#451</a> from actions/fix-storage-blob</li> <li><a href="https://github.com/actions/download-artifact/commit/d484700543354b15886d6a52910cf61b7f1d2b27"><code>d484700</code></a> chore: restore minimatch.dep.yml license file</li> <li><a href="https://github.com/actions/download-artifact/commit/03a808050efe42bb6ad85281890afd4e4546672c"><code>03a8080</code></a> chore: remove obsolete dependency license files</li> <li><a href="https://github.com/actions/download-artifact/commit/56fe6d904b0968950f8b68ea17774c54973ed5e2"><code>56fe6d9</code></a> chore: update <code>@actions/artifact</code> license file to 5.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/8e3ebc4ab4d2e095e5eb44ba1a4a53b6b03976ad"><code>8e3ebc4</code></a> chore: update package-lock.json with <code>@actions/artifact</code><a href="https://github.com/5"><code>@5</code></a>.0.1</li> <li><a href="https://github.com/actions/download-artifact/commit/1e3c4b4d4906c98ab57453c24efefdf16c078044"><code>1e3c4b4</code></a> fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24 punycode fix</li> <li><a href="https://github.com/actions/download-artifact/commit/458627d354794c71bc386c8d5839d20b5885fe2a"><code>458627d</code></a> chore: use local <code>@actions/artifact</code> package for Node.js 24 testing</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...37930b1c2abaa49bbe596cd826c3c89aef350131">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-22 12:32:48 +00:00
dependabot[bot]	ed810a04f1	ci: bump the github-actions group with 4 updates (#21273 ) Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [actions/stale](https://github.com/actions/stale). Updates `actions/checkout` from 6.0.0 to 6.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.1</h2> <h2>What's Changed</h2> <ul> <li>Update all references from v5 and v4 to v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li> <li>Add worktree support for persist-credentials includeIf by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li> <li>Clarify v6 README by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a> Clarify v6 README (<a href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li> <li><a href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a> Add worktree support for persist-credentials includeIf (<a href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li> <li><a href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a> Update all references from v5 and v4 to v6 (<a href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 5.0.0 to 5.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.1.0</h2> <h2>What's Changed</h2> <h3>New Features</h3> <ul> <li>Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter by <a href="https://github.com/guicamest"><code>@guicamest</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li> <li>Add support for Microsoft OpenJDK 25 builds by <a href="https://github.com/the-mod"><code>@the-mod</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li> </ul> <h3>Bug Fixes & Improvements</h3> <ul> <li>Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/767">actions/setup-java#767</a></li> <li>Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by <a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li> <li>Update SapMachine URLs by <a href="https://github.com/RealCLanger"><code>@RealCLanger</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/955">actions/setup-java#955</a></li> <li>Add GitHub Token Support for GraalVM and Refactor Code by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/849">actions/setup-java#849</a></li> </ul> <h3>Documentation changes</h3> <ul> <li>Update documentation to use checkout and Java v5 by <a href="https://github.com/lmvysakh"><code>@lmvysakh</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li> <li>Clarify JAVA_HOME and PATH setup in README by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li> </ul> <h3>Dependency updates</h3> <ul> <li>Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/873">actions/setup-java#873</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/912">actions/setup-java#912</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lmvysakh"><code>@lmvysakh</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li> <li><a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li> <li><a href="https://github.com/the-mod"><code>@the-mod</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li> <li><a href="https://github.com/priya-kinthali"><code>@priya-kinthali</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li> <li><a href="https://github.com/guicamest"><code>@guicamest</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.1.0">https://github.com/actions/setup-java/compare/v5...v5.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/f2beeb24e141e01a676f977032f5a29d81c9e27e"><code>f2beeb2</code></a> Bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/setup-java/issues/912">#912</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/4e7e684fbb6e33f88ecb2cf1e6b3797739cf499b"><code>4e7e684</code></a> feat: Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter (<a href="https://redirect.github.com/actions/setup-java/issues/736">#736</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/46c56d6f92c88cf540acf95a12a4a41197499222"><code>46c56d6</code></a> Add GitHub Token Support for GraalVM and Refactor Code (<a href="https://redirect.github.com/actions/setup-java/issues/849">#849</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/66b945764b75604b3cfd644c3ada5232cf6c90c6"><code>66b9457</code></a> Update SapMachine URLs (<a href="https://redirect.github.com/actions/setup-java/issues/955">#955</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/6ba5449b7dcda52941806a19f0cf626b6420191e"><code>6ba5449</code></a> Enhance error logging for network failures to include endpoint/IP details, ad...</li> <li><a href="https://github.com/actions/setup-java/commit/de5a937a1dc73fbc1a67d7d1aa4bebc1082f3190"><code>de5a937</code></a> adds microsoft openjdk25 builds (<a href="https://redirect.github.com/actions/setup-java/issues/927">#927</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ead9eaa3cfe0b0fc2fa749519ae09c3d4f4080b0"><code>ead9eaa</code></a> Update Regex to Support All ASDF Versions for the supported distributions in ...</li> <li><a href="https://github.com/actions/setup-java/commit/8c57fa36276f209f7c545338dc17a4cc89842dec"><code>8c57fa3</code></a> Clarify JAVA_HOME and PATH setup in README (<a href="https://redirect.github.com/actions/setup-java/issues/841">#841</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/a7ab372554b6eb1a8eb25e7d9aec1cc9f3ea1a76"><code>a7ab372</code></a> Bump prettier from 2.8.8 to 3.6.2 (<a href="https://redirect.github.com/actions/setup-java/issues/873">#873</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d0351b4837dd42a4a838ef25daec3bf530e20aaf"><code>d0351b4</code></a> Update documentation to use checkout and Java v5 (<a href="https://redirect.github.com/actions/setup-java/issues/903">#903</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/dded0888837ed1f317902acf8a20df0ad188d165...f2beeb24e141e01a676f977032f5a29d81c9e27e">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b to e0021407031f5be11a464abee9a0776171c79891 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b...abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b">compare view</a></li> </ul> </details> <br /> Updates `actions/stale` from 10.1.0 to 10.1.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/stale/releases">actions/stale's releases</a>.</em></p> <blockquote> <h2>v10.1.1</h2> <h2>What's Changed</h2> <h3>Bug Fix</h3> <ul> <li>Add Missing Input Reading for <code>only-issue-types</code> by <a href="https://github.com/Bibo-Joshi"><code>@Bibo-Joshi</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1298">actions/stale#1298</a></li> </ul> <h3>Improvement</h3> <ul> <li>Improves error handling when rate limiting is disabled on GHES. by <a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li> </ul> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade eslint-config-prettier from 8.10.0 to 10.1.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1276">actions/stale#1276</a></li> <li>Upgrade <code>@types/node</code> from 20.10.3 to 24.2.0 and document breaking changes in v10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1280">actions/stale#1280</a></li> <li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1291">actions/stale#1291</a></li> <li>Upgrade actions/checkout from 4 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1306">actions/stale#1306</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/chiranjib-swain"><code>@chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1300">actions/stale#1300</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/stale/compare/v10...v10.1.1">https://github.com/actions/stale/compare/v10...v10.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/stale/commit/997185467fa4f803885201cee163a9f38240193d"><code>9971854</code></a> build(deps): bump actions/checkout from 4 to 6 (<a href="https://redirect.github.com/actions/stale/issues/1306">#1306</a>)</li> <li><a href="https://github.com/actions/stale/commit/5611b9defa6b7799a950489b00163db69f7a3ece"><code>5611b9d</code></a> build(deps): bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/stale/issues/1291">#1291</a>)</li> <li><a href="https://github.com/actions/stale/commit/fad0de84e50d1aba7b0236cdaf0ea98a43286849"><code>fad0de8</code></a> Improves error handling when rate limiting is disabled on GHES. (<a href="https://redirect.github.com/actions/stale/issues/1300">#1300</a>)</li> <li><a href="https://github.com/actions/stale/commit/39bea7de61dd70ce4705a976f904f33d5e1e0f49"><code>39bea7d</code></a> Add Missing Input Reading for <code>only-issue-types</code> (<a href="https://redirect.github.com/actions/stale/issues/1298">#1298</a>)</li> <li><a href="https://github.com/actions/stale/commit/e46bbabb3ede15841d25946157759558dd16306e"><code>e46bbab</code></a> build(deps-dev): bump <code>@types/node</code> from 20.10.3 to 24.2.0 and document breakin...</li> <li><a href="https://github.com/actions/stale/commit/65d1d4804d3060875fff9f9fa8a49e27f71ce7f0"><code>65d1d48</code></a> build(deps-dev): bump eslint-config-prettier from 8.10.0 to 10.1.8 (<a href="https://redirect.github.com/actions/stale/issues/1276">#1276</a>)</li> <li>See full diff in <a href="https://github.com/actions/stale/compare/5f858e3efba33a5ca4407a664cc011ad407f2008...997185467fa4f803885201cee163a9f38240193d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-15 12:23:24 +00:00
dependabot[bot]	fad8b54ab8	ci: bump the github-actions group across 1 directory with 6 updates (#21017 ) Bumps the github-actions group with 6 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `5.0.0` \| `6.0.0` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.39.2` \| `1.40.0` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.3.3` \| `13.3.4` \| \| [fluxcd/flux2](https://github.com/fluxcd/flux2) \| `2.7.3` \| `2.7.5` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `70069877f29101175ed2b055d210fe8b1d54d7d7` \| `abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `4.31.3` \| `4.31.6` \| Updates `actions/checkout` from 5.0.0 to 6.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>v6-beta by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li> <li>update readme/changelog for v6 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p> <h2>v6-beta</h2> <h2>What's Changed</h2> <p>Updated persist-credentials to store the credentials under <code>$RUNNER_TEMP</code> instead of directly in the local git config.</p> <p>This requires a minimum Actions Runner version of <a href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a> to access the persisted credentials for <a href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker container action</a> scenarios.</p> <h2>v5.0.1</h2> <h2>What's Changed</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V6.0.0</h2> <ul> <li>Persist creds to a separate file by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li> <li>Update README to include Node.js 24 support details and requirements by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li> </ul> <h2>V5.0.1</h2> <ul> <li>Port v6 cleanup to v5 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li> </ul> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.1</h2> <ul> <li>Port v6 cleanup to v4 by <a href="https://github.com/ericsciple"><code>@ericsciple</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a> update readme/changelog for v6 (<a href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li> <li><a href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a> v6-beta (<a href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li> <li><a href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a> Persist creds to a separate file (<a href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li> <li><a href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a> Update README to include Node.js 24 support details and requirements (<a href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...1af3b93b6815bc44a9784bd300feb67ff0d1eeb3">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.39.2 to 1.40.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.40.0</h2> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="https://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.40.0] - 2025-11-26</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1405">November 2025</a> changes</li> </ul> <h2>[1.39.2] - 2025-11-13</h2> <h3>Fixes</h3> <ul> <li>Don't offer <code>entry</code> as a correction for <code>entrys</code></li> </ul> <h2>[1.39.1] - 2025-11-12</h2> <h3>Features</h3> <ul> <li>Make <code>--help</code> more vibrant</li> </ul> <h2>[1.39.0] - 2025-10-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1383">October 2025</a> changes</li> </ul> <h3>Fixes</h3> <ul> <li>When a typo is pluralized, prefer pluralized corrections</li> </ul> <h2>[1.38.1] - 2025-10-07</h2> <h3>Fixes</h3> <ul> <li>Ignore common golang identifiers</li> </ul> <h2>[1.38.0] - 2025-10-06</h2> <h3>Features</h3> <ul> <li>Update type list</li> </ul> <h3>Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/2d0ce569feab1f8752f1dde43cc2f2aa53236e06"><code>2d0ce56</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/efbd900f8db9952781b6bd1ad83baa38ebd153e3"><code>efbd900</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/863fd15db8bf16bfe9117ec1a83ea7b6e802e9f3"><code>863fd15</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/9a27b16791dd73549457a07f247bc4920f787919"><code>9a27b16</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1432">#1432</a> from epage/nov</li> <li><a href="https://github.com/crate-ci/typos/commit/3dbd9d4eacab7f22586ea581e4d403c3ca9dbbb7"><code>3dbd9d4</code></a> feat(dict): November additions</li> <li><a href="https://github.com/crate-ci/typos/commit/a1a16c7b7c25d1c27cc750525aada8b9ae68b716"><code>a1a16c7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1427">#1427</a> from deining/bump-github-action</li> <li><a href="https://github.com/crate-ci/typos/commit/cb8d2e78ff23c82fca05340ed256b04513d022b9"><code>cb8d2e7</code></a> docs: Bump GitHub checkout action in 'github-action.md'</li> <li><a href="https://github.com/crate-ci/typos/commit/9f99fb8dfe87b8a3441863fb2e5d5da88a2aa9a2"><code>9f99fb8</code></a> docs(ref): Clarify extend-words / extend-identifiers</li> <li>See full diff in <a href="https://github.com/crate-ci/typos/compare/626c4bedb751ce0b7f03262ca97ddda9a076ae1c...2d0ce569feab1f8752f1dde43cc2f2aa53236e06">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.3.3 to 13.3.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694"><code>4c20b95</code></a> v13.3.4</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/ac86f2ff0a458ffbce7b40698abd44c0fa34d4b6...4c20b95e9d3209ecfdf9cd6aace6bbde71ba1694">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.7.3 to 2.7.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.7.5</h2> <h2>Highlights</h2> <p>Flux v2.7.5 is a patch release that comes with fixes to helm-controller. Users are encouraged to upgrade for the best experience.</p> <p>ℹ️ Please follow the <a href="https://github.com/fluxcd/flux2/discussions/5572">Upgrade Procedure for Flux v2.7+</a> for a smooth upgrade from Flux v2.6 to the latest version.</p> <p>Fixes:</p> <ul> <li>Fix HelmRelease history truncation when using the <code>RetryOnFailure</code> strategy.</li> </ul> <p>⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use <a href="https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries">Cosign v2.6</a> for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.</p> <h2>Components changelog</h2> <ul> <li>helm-controller <a href="https://github.com/fluxcd/helm-controller/blob/v1.4.5/CHANGELOG.md">v1.4.5</a></li> </ul> <h2>CLI changelog</h2> <ul> <li>[release/v2.7.x] Update toolkit components by <a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <a href="https://redirect.github.com/fluxcd/flux2/pull/5649">fluxcd/flux2#5649</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5">https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5</a></p> <h2>v2.7.4</h2> <h2>Highlights</h2> <p>Flux v2.7.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.</p> <p>ℹ️ Please follow the <a href="https://github.com/fluxcd/flux2/discussions/5572">Upgrade Procedure for Flux v2.7+</a> for a smooth upgrade from Flux v2.6 to the latest version.</p> <p>Fixes:</p> <ul> <li>Add <code>DisableConfigWatchers</code> feature gate to all controllers for disabling the Secrets/ConfigMaps watchers</li> <li>Fix Workload Identity for Azure China Cloud in all controllers</li> <li>Update Helm Go SDK to v3.19.2 fixing schema validation issues in helm-controller</li> <li>Skip secret decryption for remote kustomize patches in kustomize-controller</li> <li>Improve post-build error reporting in kustomize-controller</li> <li>Add <code>ArtifactGenerator</code> to aggregated RBAC roles</li> </ul> <p>⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use <a href="https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries">Cosign v2.6</a> for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.</p> <h2>Components changelog</h2> <ul> <li>source-controller <a href="https://github.com/fluxcd/source-controller/blob/v1.7.4/CHANGELOG.md">v1.7.4</a></li> <li>kustomize-controller <a href="https://github.com/fluxcd/kustomize-controller/blob/v1.7.3/CHANGELOG.md">v1.7.3</a></li> <li>notification-controller <a href="https://github.com/fluxcd/notification-controller/blob/v1.7.5/CHANGELOG.md">v1.7.5</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/8454b02a32e48d775b9f563cb51fdcb1787b5b93"><code>8454b02</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5649">#5649</a> from fluxcd/backport-5648-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/931f101cb1cba9f7af4efa44ac0a5c7f634d9b06"><code>931f101</code></a> Update toolkit components</li> <li><a href="https://github.com/fluxcd/flux2/commit/06ed49dcd3f3ce2fc8d1988848245873a91550bc"><code>06ed49d</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5642">#5642</a> from fluxcd/backport-5597-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/6021981de38a416f214a97dd090a1346a20d9ad4"><code>6021981</code></a> Allow option to skip tenant namespace creation</li> <li><a href="https://github.com/fluxcd/flux2/commit/4b7d46e511ca0efbea80e19fca675b18191a7508"><code>4b7d46e</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5640">#5640</a> from fluxcd/backport-5639-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/e8c87047ba81d4bdacc3a33c443e93a35efedda0"><code>e8c8704</code></a> Update toolkit components</li> <li><a href="https://github.com/fluxcd/flux2/commit/abd603eca72aac25d6a7b2da88e902ff798fbf61"><code>abd603e</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5635">#5635</a> from fluxcd/backport-5625-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/83d426c3c04baba957c4aa7774990563e125f5d4"><code>83d426c</code></a> diff: report if object is skipped</li> <li><a href="https://github.com/fluxcd/flux2/commit/48e77c820ecea23bb34fe51b1914bc41fd0830ac"><code>48e77c8</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5634">#5634</a> from fluxcd/backport-5633-to-release/v2.7.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/01fbe3763997a09e67ec30779aa9280cb74e8885"><code>01fbe37</code></a> Upgrade k8s to 1.34.2, c-r to 0.22.4 and helm to 3.19.2</li> <li>Additional commits viewable in <a href="https://github.com/fluxcd/flux2/compare/b6e76ca2534f76dcb8dd94fb057cdfa923c3b641...8454b02a32e48d775b9f563cb51fdcb1787b5b93">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 70069877f29101175ed2b055d210fe8b1d54d7d7 to abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b"><code>abdd2f6</code></a> chore(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2717">#2717</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/1d08ab228c06cfdb5c92a6be6fb2e03654e2410c"><code>1d08ab2</code></a> chore(deps-dev): bump <code>@types/lodash</code> from 4.17.20 to 4.17.21 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2718">#2718</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/085eb10d7ef84ec5ab690becdd4072966e781924"><code>085eb10</code></a> chore(deps-dev): bump eslint-plugin-jest from 29.1.0 to 29.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2719">#2719</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/72321d1f003ac6191c4d5c7781eed4241a728447"><code>72321d1</code></a> chore(deps): bump github/codeql-action from 4.31.4 to 4.31.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2720">#2720</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8c66df4f78c44069a58c4517f775d02211a2b06b"><code>8c66df4</code></a> chore(deps-dev): bump prettier from 3.6.2 to 3.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2722">#2722</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6da3c88b60ebf09464ada9b06fba5b6f2d34bb94"><code>6da3c88</code></a> chore(deps): bump nrwl/nx-set-shas from 4.3.3 to 4.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2712">#2712</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/48b6e9756da9107e9b08fcb676b292caaac1140b"><code>48b6e97</code></a> chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2714">#2714</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4206138f174379c379efaa0f5c1d1f82a96eac0a"><code>4206138</code></a> Update README.md</li> <li><a href="https://github.com/tj-actions/changed-files/commit/31e663cd71ad1f011b9f9e87f3a710e5ebb9a658"><code>31e663c</code></a> chore(deps): bump github/codeql-action from 4.31.2 to 4.31.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2715">#2715</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/46fd332157a59040c95f13a55162240a4b789b6c"><code>46fd332</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.10.0 to 24.10.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2711">#2711</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/70069877f29101175ed2b055d210fe8b1d54d7d7...abdd2f68ea150cee8f236d4a9fb4e0f2491abf1b">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 4.31.3 to 4.31.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.31.6</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.6/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v4.31.4</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v4.31.4/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.31.6 - 01 Dec 2025</h2> <p>No user facing changes.</p> <h2>4.31.5 - 24 Nov 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.6. <a href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li> </ul> <h2>4.31.4 - 18 Nov 2025</h2> <p>No user facing changes.</p> <h2>4.31.3 - 13 Nov 2025</h2> <ul> <li>CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see <a href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming deprecation of CodeQL Action v3</a>.</li> <li>Update default CodeQL bundle version to 2.23.5. <a href="https://redirect.github.com/github/codeql-action/pull/3288">#3288</a></li> </ul> <h2>4.31.2 - 30 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.31.1 - 30 Oct 2025</h2> <ul> <li>The <code>add-snippets</code> input has been removed from the <code>analyze</code> action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.</li> </ul> <h2>4.31.0 - 24 Oct 2025</h2> <ul> <li>Bump minimum CodeQL bundle version to 2.17.6. <a href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li> <li>When SARIF files are uploaded by the <code>analyze</code> or <code>upload-sarif</code> actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the <code>upload-sarif</code> action. For <code>analyze</code>, this may affect Advanced Setup for CodeQL users who specify a value other than <code>always</code> for the <code>upload</code> input. <a href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li> </ul> <h2>4.30.9 - 17 Oct 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.3. <a href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li> <li>Experimental: A new <code>setup-codeql</code> action has been added which is similar to <code>init</code>, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li> </ul> <h2>4.30.8 - 10 Oct 2025</h2> <p>No user facing changes.</p> <h2>4.30.7 - 06 Oct 2025</h2> <ul> <li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/fe4161a26a8629af62121b670040955b330f9af2"><code>fe4161a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3336">#3336</a> from github/update-v4.31.6-ecec1f887</li> <li><a href="https://github.com/github/codeql-action/commit/88c2ab5eee3b475eef2f7aabf89bd9f052153d91"><code>88c2ab5</code></a> Update changelog for v4.31.6</li> <li><a href="https://github.com/github/codeql-action/commit/ecec1f88769052ebc45aa0affc53ea30d474cffa"><code>ecec1f8</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3335">#3335</a> from github/mbg/ci/run-codeql-on-all-prs</li> <li><a href="https://github.com/github/codeql-action/commit/23da73277866951560f258278028b48f68958a0a"><code>23da732</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3334">#3334</a> from github/kaspersv/overlay-minor-comments</li> <li><a href="https://github.com/github/codeql-action/commit/f7abc748a3da068e17cfd0e1086e8d72e51f17b6"><code>f7abc74</code></a> Remove branch filter for PR event in CodeQL workflow</li> <li><a href="https://github.com/github/codeql-action/commit/32ada5e061c0433b9e40f11632c2412a55b745f9"><code>32ada5e</code></a> Merge branch 'main' into kaspersv/overlay-minor-comments</li> <li><a href="https://github.com/github/codeql-action/commit/75b2f49aeaf4e8a9eab338ddc5d628eea7366eeb"><code>75b2f49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3333">#3333</a> from github/kaspersv/overlay-no-resource-checks-option</li> <li><a href="https://github.com/github/codeql-action/commit/f036b1cb781fa664100fee1f7c56a0088663dd26"><code>f036b1c</code></a> Merge branch 'main' into kaspersv/overlay-no-resource-checks-option</li> <li><a href="https://github.com/github/codeql-action/commit/58c5954801c246a3975b658372285b37c45de271"><code>58c5954</code></a> Add comment to runnerSupportsOverlayAnalysis</li> <li><a href="https://github.com/github/codeql-action/commit/b02fa13292ce189c02cbb1ba5488f7dbbc8c6b14"><code>b02fa13</code></a> Order feature flags alphabetically</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/014f16e7ab1402f30e7c3329d33797e7948572db...fe4161a26a8629af62121b670040955b330f9af2">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-12-01 10:32:29 +00:00
dependabot[bot]	4cbba17f10	ci: bump the github-actions group with 3 updates (#20703 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [Mattraks/delete-workflow-runs](https://github.com/mattraks/delete-workflow-runs). Updates `step-security/harden-runner` from 2.13.1 to 2.13.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.2</h2> <h2>What's Changed</h2> <ul> <li>Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.</li> <li>Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2">https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/95d9a5deda9de15063e7595e9719c11c38c90ae2"><code>95d9a5d</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/606">#606</a> from step-security/rc-28</li> <li><a href="https://github.com/step-security/harden-runner/commit/87e429d3fb470bcc827f338e5cce1155ff99c6eb"><code>87e429d</code></a> Update limitations.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/ef891c3a30c3c15c2287ce04b33ec28b6d90a447"><code>ef891c3</code></a> feat: add support for custom vm image</li> <li><a href="https://github.com/step-security/harden-runner/commit/1fa8c8a8b1b523829fe596bfc665d2bc4c0ef835"><code>1fa8c8a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/92c522aaa6f53af082553dedc1596c80b71aba33"><code>92c522a</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/593">#593</a> from step-security/ak-readme-updates</li> <li><a href="https://github.com/step-security/harden-runner/commit/4719ad5578c61961f4f70f833580278dea5544de"><code>4719ad5</code></a> README updates</li> <li><a href="https://github.com/step-security/harden-runner/commit/4fde639ab437b75bf4ecb52bbddb23ab0ac00259"><code>4fde639</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/591">#591</a> from eromosele-stepsecurity/Upd</li> <li><a href="https://github.com/step-security/harden-runner/commit/f682f2f2d06275b6ab30c2a973c1de2fa120e134"><code>f682f2f</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...95d9a5deda9de15063e7595e9719c11c38c90ae2">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 0ff001de0805038ff3f118de4875002200057732 to 70069877f29101175ed2b055d210fe8b1d54d7d7 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/70069877f29101175ed2b055d210fe8b1d54d7d7"><code>7006987</code></a> chore(deps): bump <code>@octokit/rest</code> from 22.0.0 to 22.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2705">#2705</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5df1bad3a527ede089326306d1296297ab0d58d2"><code>5df1bad</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.9.2 to 24.10.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2707">#2707</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/0ff001de0805038ff3f118de4875002200057732...70069877f29101175ed2b055d210fe8b1d54d7d7">compare view</a></li> </ul> </details> <br /> Updates `Mattraks/delete-workflow-runs` from 86d29a75093353c4c509a876c176234037c2025b to 5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7"><code>5bf9a1d</code></a> Bug Fixes</li> <li><a href="https://github.com/Mattraks/delete-workflow-runs/commit/63b223f231f2f5bbea217100ec6d29ab24faa7a1"><code>63b223f</code></a> Supports daily retention keep a minimum number of runs per day</li> <li>See full diff in <a href="https://github.com/mattraks/delete-workflow-runs/compare/86d29a75093353c4c509a876c176234037c2025b...5bf9a1dac5c4d041c029f0a8370ddf0c5cb5aeb7">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-11-10 14:05:16 +00:00
dependabot[bot]	f947a34103	ci: bump the github-actions group across 1 directory with 15 updates (#20384 ) Co-authored-by: github-actions[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: M Atif Ali <atif@coder.com> Co-authored-by: Ethan Dickson <ethan@coder.com>	2025-10-24 16:06:44 +05:00
david-fraley	40ffb79057	fix: update bitnami image (#19892 )	2025-09-19 22:50:28 +05:00
dependabot[bot]	32b72bf571	ci: bump the github-actions group with 3 updates (#19824 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [tj-actions/changed-files](https://github.com/tj-actions/changed-files) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.13.0 to 2.13.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.1</h2> <h2>What's Changed</h2> <ul> <li> <p>Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.</p> </li> <li> <p>Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.</p> </li> <li> <p>Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.</p> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1">https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a"><code>f4a75cf</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/588">#588</a> from step-security/rc-26</li> <li><a href="https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda"><code>95503d0</code></a> ci: remove code-review workflow</li> <li><a href="https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4"><code>4b250a0</code></a> ci: add job to confirm dist is as expected</li> <li><a href="https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b"><code>5b0ab6a</code></a> update dependencies</li> <li><a href="https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366"><code>d11f2c1</code></a> fix bug where status code was not being preserved</li> <li><a href="https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5"><code>b3fc98e</code></a> improve error handling for policy store sceanrio</li> <li><a href="https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f"><code>92fc5d4</code></a> update error message</li> <li><a href="https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4"><code>b61b0a4</code></a> policy store improvements</li> <li><a href="https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577"><code>e3d3f2b</code></a> use GitHub release instead of packages</li> <li><a href="https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a"><code>646ac01</code></a> update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 to 1ac60965030588f3b867cdd4a3900f37ec99970c <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.5...v47.0.0">47.0.0</a> - (2025-09-13)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef">c260d49</a>) - (Jellyfrog)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145">be393a9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0">3dbc1e1</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f">b1ccff8</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07">050a3d3</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0">a892f50</a>) - (Tonye Jack)</li> <li>Add Jellyfrog as a contributor for code, and doc (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da">f000a9b</a>) - (allcontributors[bot])</li> </ul> <h2><!-- raw HTML omitted -->🧪 Testing</h2> <ul> <li>Manual triggered workflows (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2637">#2637</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c2ca2493190021783138cb8aac49bcee14b4bb89">c2ca249</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps-dev:</strong> Bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea">9a67555</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95">b67e30d</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>) (<a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824">62aef42</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3">e874f3c</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5">8c14441</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b">e995ac4</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9">3b04099</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2651">#2651</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa">e7b6c97</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2648">#2648</a>) (<a href="https://github.com/tj-actions/changed-files/commit/765d62bc041415a5b494ef13d02d566128b25973">765d62b</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.8 to 3.29.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2647">#2647</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2036da178f85576f1940fedb74bb93a36cd89ab7">2036da1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.29.7 to 3.29.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2644">#2644</a>) (<a href="https://github.com/tj-actions/changed-files/commit/239aef84a5502c79a1cea96e495d17588c66c659">239aef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.2.0 to 24.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2645">#2645</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7d5f5f4919b6dbc6d3a3689887964361e8dd88f">a7d5f5f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2646">#2646</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5107f3abcc0c3737db51e2949f181e2c197d4d5b">5107f3a</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">f963b3f</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>) (<a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017">f956744</a>) - (dependabot[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/1ac60965030588f3b867cdd4a3900f37ec99970c"><code>1ac6096</code></a> Upgraded to v47 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2663">#2663</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/24d32ffd492484c1d75e0c0b894501ddb9d30d62"><code>24d32ff</code></a> upgrade: to node24 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2662">#2662</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9a6755550a331fdcc8ec45443738933f8fa22eea"><code>9a67555</code></a> chore(deps-dev): bump jest from 30.0.5 to 30.1.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2655">#2655</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b67e30df88f43e244f4e83775e5ad8335114fb95"><code>b67e30d</code></a> chore(deps): bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2660">#2660</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/62aef422ffa195474d80d73387535cf4622b2824"><code>62aef42</code></a> chore(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2661">#2661</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e874f3cddd0f54ae776e6995ae6dae4cf40fd3d3"><code>e874f3c</code></a> chore(deps): bump github/codeql-action from 3.29.11 to 3.30.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2659">#2659</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/8c14441336bb3d84fd6b7fa83b6d7201c740baf5...1ac60965030588f3b867cdd4a3900f37ec99970c">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.30.1 to 3.30.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.30.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.30.2</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.30.2/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the <code>codeql-action/init</code> step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the <code>codeql-action/init</code> step. <a href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a> and <a href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li> <li>We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. <a href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li> </ul> <h2>3.30.3 - 10 Sep 2025</h2> <p>No user facing changes.</p> <h2>3.30.2 - 09 Sep 2025</h2> <ul> <li>Fixed a bug which could cause language autodetection to fail. <a href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li> <li>Experimental: The <code>quality-queries</code> input that was added in <code>3.29.2</code> as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new <code>analysis-kinds</code> input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li> </ul> <h2>3.30.1 - 05 Sep 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.23.0. <a href="https://redirect.github.com/github/codeql-action/pull/3077">#3077</a></li> </ul> <h2>3.30.0 - 01 Sep 2025</h2> <ul> <li>Reduce the size of the CodeQL Action, speeding up workflows by approximately 4 seconds. <a href="https://redirect.github.com/github/codeql-action/pull/3054">#3054</a></li> </ul> <h2>3.29.11 - 21 Aug 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.4. <a href="https://redirect.github.com/github/codeql-action/pull/3044">#3044</a></li> </ul> <h2>3.29.10 - 18 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.9 - 12 Aug 2025</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/192325c86100d080feab897ff886c34abd4c83a3"><code>192325c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3104">#3104</a> from github/update-v3.30.3-b660efdcf</li> <li><a href="https://github.com/github/codeql-action/commit/e68956d90b7fe2260904652cd8de5d73563e4944"><code>e68956d</code></a> Update changelog for v3.30.3</li> <li><a href="https://github.com/github/codeql-action/commit/b660efdcfdfa893d74568cd884067ed18e8d6f88"><code>b660efd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3103">#3103</a> from github/mbg/fix/category-check</li> <li><a href="https://github.com/github/codeql-action/commit/e49458befe579c5a1088aacda9f2ae384da104ff"><code>e49458b</code></a> Fix <code>runInterpretResultsFor</code> using the wrong <code>AnalysisConfig</code> for <code>category</code> fix</li> <li><a href="https://github.com/github/codeql-action/commit/f374a62c8bedef779582aeb425a68f7798f2078c"><code>f374a62</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3098">#3098</a> from github/kaspersv/increase-overlay-base-size-limit</li> <li><a href="https://github.com/github/codeql-action/commit/5efa438e92992578d794ae4ceed960bf81011677"><code>5efa438</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3101">#3101</a> from github/mbg/public-repo-notice-in-pr-template</li> <li><a href="https://github.com/github/codeql-action/commit/8a84a62542ea24fd569eb5afdfb2507c25328ab9"><code>8a84a62</code></a> Overlay: Increase size limit for cached overlay base database</li> <li><a href="https://github.com/github/codeql-action/commit/eb50a881d87eb8488328fefe024ae2f6add8384f"><code>eb50a88</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3097">#3097</a> from github/redsun82/only-dump-sarif</li> <li><a href="https://github.com/github/codeql-action/commit/4c534612bf77788909753a5602e96710156f5758"><code>4c53461</code></a> Tweak sarif dump log</li> <li><a href="https://github.com/github/codeql-action/commit/dae3742b0a3b9e08acc580e15ef74bdc454d650a"><code>dae3742</code></a> Dump soon to be uploaded SARIF on request</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/f1f6e5f6af878fb37288ce1c627459e94dbf7d01...192325c86100d080feab897ff886c34abd4c83a3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-15 12:40:44 +00:00
dependabot[bot]	0b460b8d95	ci: bump the github-actions group across 1 directory with 16 updates (#19736 ) Bumps the github-actions group with 16 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.3.0` \| `5.0.0` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.35.3` \| `1.36.2` \| \| [azure/setup-helm](https://github.com/azure/setup-helm) \| `4.3.0` \| `4.3.1` \| \| [chromaui/action](https://github.com/chromaui/action) \| `13.1.3` \| `13.1.4` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.7.1` \| `5.0.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.12` \| `3.0.0` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.2.0` \| `3.0.1` \| \| [actions/attest](https://github.com/actions/attest) \| `2.4.0` \| `3.0.0` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.4` \| `3.0.0` \| \| [actions/github-script](https://github.com/actions/github-script) \| `7.0.1` \| `8.0.0` \| \| [depot/build-push-action](https://github.com/depot/build-push-action) \| `1.15.0` \| `1.16.2` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` \| `8c14441336bb3d84fd6b7fa83b6d7201c740baf5` \| \| [nixbuild/nix-quick-install-action](https://github.com/nixbuild/nix-quick-install-action) \| `32` \| `33` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.8` \| `3.30.1` \| \| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) \| `0.32.0` \| `0.33.1` \| \| [actions/stale](https://github.com/actions/stale) \| `9.1.0` \| `10.0.0` \| Updates `actions/checkout` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...08c6903cd8c0fde910a37f88322edcfb5dd907a8">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.35.3 to 1.36.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.36.2</h2> <h2>[1.36.2] - 2025-09-04</h2> <h3>Fixes</h3> <ul> <li>Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8</li> </ul> <h2>v1.36.1</h2> <h2>[1.36.1] - 2025-09-03</h2> <h3>Fixes</h3> <ul> <li>Replaced the error rendering for various quality of life improvements</li> </ul> <h2>v1.36.0</h2> <h2>[1.36.0] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1345">August 2025</a> changes</li> </ul> <h2>v1.35.8</h2> <h2>[1.35.8] - 2025-09-02</h2> <h2>v1.35.7</h2> <h2>[1.35.7] - 2025-08-29</h2> <h3>Documentation</h3> <ul> <li>Expand PyPI metadata</li> </ul> <h2>v1.35.6</h2> <h2>[1.35.6] - 2025-08-28</h2> <h3>Fixes</h3> <ul> <li>Track <code>go.mod</code> as a golang file (regression from 1.13.21)</li> </ul> <h2>v1.35.5</h2> <h2>[1.35.5] - 2025-08-18</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>accidently</code></li> <li>Fix typo in correction to <code>dynamincally</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>messager</code></li> <li>Fix typo in correction to <code>preferables</code></li> <li>Fix typo in correction to <code>producibles</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.36.2] - 2025-09-04</h2> <h3>Fixes</h3> <ul> <li>Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8</li> </ul> <h2>[1.36.1] - 2025-09-03</h2> <h3>Fixes</h3> <ul> <li>Replaced the error rendering for various quality of life improvements</li> </ul> <h2>[1.36.0] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1345">August 2025</a> changes</li> </ul> <h2>[1.35.8] - 2025-09-02</h2> <h2>[1.35.7] - 2025-08-29</h2> <h3>Documentation</h3> <ul> <li>Expand PyPI metadata</li> </ul> <h2>[1.35.6] - 2025-08-28</h2> <h3>Fixes</h3> <ul> <li>Track <code>go.mod</code> as a golang file (regression from 1.13.21)</li> </ul> <h2>[1.35.5] - 2025-08-18</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>accidently</code></li> <li>Fix typo in correction to <code>dynamincally</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>interruptability</code></li> <li>Fix typo in correction to <code>messager</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/85f62a8a84f939ae994ab3763f01a0296d61a7ee"><code>85f62a8</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/6f26306a9140281f8f46294118abc2b5cf88a04d"><code>6f26306</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/6bd8b39b57af405b681ed2d7d563f5cdf788388f"><code>6bd8b39</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1374">#1374</a> from epage/invalid</li> <li><a href="https://github.com/crate-ci/typos/commit/f5e19d303814c9192cf68dba44e25b470ef29461"><code>f5e19d3</code></a> fix(cli): Don't panic with invalid utf-8</li> <li><a href="https://github.com/crate-ci/typos/commit/5062775d92cab861376d135b425089eba7bb719d"><code>5062775</code></a> test(cli): Generalize utf16 tests</li> <li><a href="https://github.com/crate-ci/typos/commit/b6297a6a5072df106aa9d94197f5d0533a9730bc"><code>b6297a6</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/e6d718928a2978481771e814abdc731cb904c980"><code>e6d7189</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/1bf1ed2584d38a3d8f47e0715013e092bdda3cec"><code>1bf1ed2</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1372">#1372</a> from epage/render</li> <li><a href="https://github.com/crate-ci/typos/commit/9e79b8d2c636476c043d040ddaa0413ad065f28b"><code>9e79b8d</code></a> refactor(cli): Give control over the whole group</li> <li><a href="https://github.com/crate-ci/typos/commit/a5fa6034532da62881f747a74e2bbc1f58886265"><code>a5fa603</code></a> refactor(cli): Extract snippet creation</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/52bd719c2c91f9d676e2aa359fc8e0db8925e6d8...85f62a8a84f939ae994ab3763f01a0296d61a7ee">compare view</a></li> </ul> </details> <br /> Updates `azure/setup-helm` from 4.3.0 to 4.3.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/azure/setup-helm/releases">azure/setup-helm's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/167">#167</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/167">Pinning Action Dependencies for Security and Reliability</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/181">#181</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/181">Fix types, and update node version.</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/191">chore(tests): Mock arch to make tests pass on arm host</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/192">chore: remove unnecessary prebuild script</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/203">Update helm version retrieval to use JSON output for latest version</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/207">ci(workflows): update helm version to v3.18.4 and add matrix for tests</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/197">#197</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/197">Add pre-commit hook</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md">azure/setup-helm's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <h2>[4.3.1] - 2025-08-12</h2> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/167">#167</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/167">Pinning Action Dependencies for Security and Reliability</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/181">#181</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/181">Fix types, and update node version.</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/191">chore(tests): Mock arch to make tests pass on arm host</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/192">chore: remove unnecessary prebuild script</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/203">Update helm version retrieval to use JSON output for latest version</a></li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/207">ci(workflows): update helm version to v3.18.4 and add matrix for tests</a></li> </ul> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/197">#197</a> <a href="https://redirect.github.com/Azure/setup-helm/pull/197">Add pre-commit hook</a></li> </ul> <h2>[4.3.0] - 2025-02-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/152">#152</a> feat: log when restoring from cache</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/157">#157</a> Dependencies Update</li> <li><a href="https://redirect.github.com/azure/setup-helm/issues/137">#137</a> Add dependabot</li> </ul> <h2>[4.2.0] - 2024-04-15</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/124">#124</a> Fix OS detection and download OS-native archive extension</li> </ul> <h2>[4.1.0] - 2024-03-01</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/130">#130</a> switches to use Helm published file to read latest version instead of using GitHub releases</li> </ul> <h2>[4.0.0] - 2024-02-12</h2> <ul> <li><a href="https://redirect.github.com/azure/setup-helm/issues/121">#121</a> update to node20 as node16 is deprecated</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Azure/setup-helm/commit/1a275c3b69536ee54be43f2070a358922e12c8d4"><code>1a275c3</code></a> build</li> <li><a href="https://github.com/Azure/setup-helm/commit/9e7f762d6f65c7a11db6cd4eadcf3c602b273f47"><code>9e7f762</code></a> chore(release): v4.3.1 (<a href="https://redirect.github.com/azure/setup-helm/issues/208">#208</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/c096176d63fc5e293d360dd405e4b9ab2ddadccd"><code>c096176</code></a> Bump <code>@types/node</code> from 24.1.0 to 24.2.1 in the actions group (<a href="https://redirect.github.com/azure/setup-helm/issues/206">#206</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/5e7287287e0a62377e90be8d80c4e9520ad5676b"><code>5e72872</code></a> ci(workflows): update helm version to v3.18.4 and add matrix for tests (<a href="https://redirect.github.com/azure/setup-helm/issues/207">#207</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/fb8fa4070642059a5ed2b5d02e2992422ebb5f09"><code>fb8fa40</code></a> Update default helm version to 3.18.3 (<a href="https://redirect.github.com/azure/setup-helm/issues/194">#194</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/0d097290a8b8242b9d9c3aae2628122e860fea32"><code>0d09729</code></a> chore: remove unnecessary prebuild script (<a href="https://redirect.github.com/azure/setup-helm/issues/192">#192</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/32bc12022d790ee9f7033b2b57cd5c7c309e5333"><code>32bc120</code></a> chore(tests): Mock arch to make tests pass on arm host (<a href="https://redirect.github.com/azure/setup-helm/issues/191">#191</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/51463d68e891cc6fcd306c1f61fce342582ac53b"><code>51463d6</code></a> Bump the actions group with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/205">#205</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/aff10941b250308c1eea3c6dd4a2e8602246ba0f"><code>aff1094</code></a> Bump the actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/azure/setup-helm/issues/204">#204</a>)</li> <li><a href="https://github.com/Azure/setup-helm/commit/a10a5247d8e840d5e622e4e00cfc8b6103a9cafa"><code>a10a524</code></a> Update helm version retrieval to use JSON output for latest version (<a href="https://redirect.github.com/azure/setup-helm/issues/203">#203</a>)</li> <li>Additional commits viewable in <a href="https://github.com/azure/setup-helm/compare/b9e51907a09c216f16ebe8536097933489208112...1a275c3b69536ee54be43f2070a358922e12c8d4">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 13.1.3 to 13.1.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/d0795df816d05c4a89c80295303970fddd247cce"><code>d0795df</code></a> v13.1.4</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/58d9ffb36c90c97a02d061544ecc849cc4a242a9...d0795df816d05c4a89c80295303970fddd247cce">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.7.1 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p>Make sure your runner is updated to this version or newer to use this release. v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade Publish Immutable Action by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/798">actions/setup-java#798</a></li> <li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/730">actions/setup-java#730</a></li> <li>Upgrade undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/833">actions/setup-java#833</a></li> <li>Upgrade form-data to bring in fix for critical vulnerability by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/887">actions/setup-java#887</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/896">actions/setup-java#896</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li>Prevent default installation of JetBrains pre-releases by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/859">actions/setup-java#859</a></li> <li>Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v5.0.0">https://github.com/actions/setup-java/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/dded0888837ed1f317902acf8a20df0ad188d165"><code>dded088</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/setup-java/issues/896">#896</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/0913e9a06eb8b69c62db76aa61f580c2b3a5b4e0"><code>0913e9a</code></a> Upgrade to node 24 (<a href="https://redirect.github.com/actions/setup-java/issues/888">#888</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/e9343db97e09d87a3c50e544105d99fe912c204b"><code>e9343db</code></a> Bumps form-data (<a href="https://redirect.github.com/actions/setup-java/issues/887">#887</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ae2b61dbc685e60e4427b2e8ed4f0135c6ea8597"><code>ae2b61d</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/setup-java/issues/833">#833</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/c190c18febcf6c040d80b10ea201a05a2c320263"><code>c190c18</code></a> Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (<a href="https://redirect.github.com/actions/setup-java/issues/730">#730</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/67aec007b3fcabe15ca665bfccc1e255dd52e30d"><code>67aec00</code></a> Fix: prevent default installation of JetBrains pre-releases (<a href="https://redirect.github.com/actions/setup-java/issues/859">#859</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ebb356cc4e59bcf94f518203228485f5d40e4b58"><code>ebb356c</code></a> Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...</li> <li><a href="https://github.com/actions/setup-java/commit/f4f1212c880fdec8162ea9a6493f4495191887b4"><code>f4f1212</code></a> Update publish-immutable-actions.yml (<a href="https://redirect.github.com/actions/setup-java/issues/798">#798</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/c5195efecf7bdfc987ee8bae7a71cb8b11521c00...dded0888837ed1f317902acf8a20df0ad188d165">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.12 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump to Node 24 and remove old parameters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/508">google-github-actions/auth#508</a></li> <li>Remove hacky script by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/509">google-github-actions/auth#509</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/510">google-github-actions/auth#510</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2...v3.0.0">https://github.com/google-github-actions/auth/compare/v2...v3.0.0</a></p> <h2>v2.1.13</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/506">google-github-actions/auth#506</a></li> <li>Release: v2.1.13 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/507">google-github-actions/auth#507</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13">https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/7c6bc770dae815cd3e89ee6cdf493a5fab2cc093"><code>7c6bc77</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/auth/issues/510">#510</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/42e4997ee345eebb9d114030d0f9e9b47829ee80"><code>42e4997</code></a> Remove hacky script (<a href="https://redirect.github.com/google-github-actions/auth/issues/509">#509</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/5ea4dc11472eebb0a541812f1063c7d318adf57e"><code>5ea4dc1</code></a> Bump to Node 24 and remove old parameters (<a href="https://redirect.github.com/google-github-actions/auth/issues/508">#508</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/c200f3691d83b41bf9bbd8638997a462592937ed"><code>c200f36</code></a> Release: v2.1.13 (<a href="https://redirect.github.com/google-github-actions/auth/issues/507">#507</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/3a53be7e7cedfadb446e102fa59e97734b2ad238"><code>3a53be7</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/506">#506</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/b7593ed2efd1c1617e1b0254da33b86225adb2a5...7c6bc770dae815cd3e89ee6cdf493a5fab2cc093">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.2.0 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>Release: v3.0.1 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/729">google-github-actions/setup-gcloud#729</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v3.0.0...v3.0.1">https://github.com/google-github-actions/setup-gcloud/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li><strong>‼️ This release requires Node 24+!</strong></li> <li><strong>‼️ The <code>skip_tool_cache</code> option has been removed!</strong> Skipping the tool cache is now the default behavior. To restore the previous behavior of using the tool cache (which is unnecessary on GitHub managed runners, but may provide performance increases on self-hosted runners), set <code>cache: true</code>.</li> </ul> <hr /> <ul> <li>Bump to node24 by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/723">google-github-actions/setup-gcloud#723</a></li> <li>Do not use the tool-cache by default by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/724">google-github-actions/setup-gcloud#724</a></li> <li>Update to use v3 references by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/725">google-github-actions/setup-gcloud#725</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/726">google-github-actions/setup-gcloud#726</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.2.1...v3.0.0">https://github.com/google-github-actions/setup-gcloud/compare/v2.2.1...v3.0.0</a></p> <h2>v3</h2> <p>Floating v3 tag</p> <h2>v2.2.1</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/720">google-github-actions/setup-gcloud#720</a></li> <li>Bump to the latest actions-utils to fix the gen-readme bug by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/721">google-github-actions/setup-gcloud#721</a></li> <li>Release: v2.2.1 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/722">google-github-actions/setup-gcloud#722</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.2.1">https://github.com/google-github-actions/setup-gcloud/compare/v2...v2.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/aa5489c8933f4cc7a4f7d45035b3b1440c9c10db"><code>aa5489c</code></a> Release: v3.0.1 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/729">#729</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/26f734c2779b00b7dda794207734c511110a4368"><code>26f734c</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/726">#726</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/d26df95ce13fba88a7c3f942b50bab0a6e17dc95"><code>d26df95</code></a> Update to use v3 references (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/725">#725</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/f7c29183d6310acc4d89a82a2e4a06374e259082"><code>f7c2918</code></a> Do not use the tool-cache by default (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/724">#724</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/6387e6954450355c9cd00e752f0b5e6a07078e1a"><code>6387e69</code></a> Bump to node24 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/723">#723</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/e427ad8a34f8676edf47cf7d7925499adf3eb74f"><code>e427ad8</code></a> Release: v2.2.1 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/722">#722</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/d71efb74bd86be0c5c0035758f8b5b9069ef835f"><code>d71efb7</code></a> Bump to the latest actions-utils to fix the gen-readme bug (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/721">#721</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/ed8ba68de5f95fc08e400796581a06a4acab88ae"><code>ed8ba68</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/720">#720</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/cb1e50a9932213ecece00a606661ae9ca44f3397...aa5489c8933f4cc7a4f7d45035b3b1440c9c10db">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.4.0 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump form-data from 4.0.0 to 4.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/266">actions/attest#266</a></li> <li>Bump <code>@sigstore/oci</code> from 0.5.0 to 0.6.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/attest/pull/271">actions/attest#271</a></li> <li>Upgrade to Node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> / <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/276">actions/attest#276</a></li> <li>Improved checksum parsing by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/280">actions/attest#280</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p>v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2.4.0...v3.0.0">https://github.com/actions/attest/compare/v2.4.0...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/daf44fb950173508f38bd2406030372c1d1162b1"><code>daf44fb</code></a> improved checksum parsing (<a href="https://redirect.github.com/actions/attest/issues/280">#280</a>)</li> <li><a href="https://github.com/actions/attest/commit/eda10f897a7c40837fe73266c10a25e1046b87ff"><code>eda10f8</code></a> Upgrade to Node 24 (<a href="https://redirect.github.com/actions/attest/issues/276">#276</a>)</li> <li><a href="https://github.com/actions/attest/commit/1e2321d2815b6c07c5479f3309d67a7698b091a1"><code>1e2321d</code></a> remove super-linter (<a href="https://redirect.github.com/actions/attest/issues/283">#283</a>)</li> <li><a href="https://github.com/actions/attest/commit/aecfe99586992ebf9c025e2fb6ebb78f4f445055"><code>aecfe99</code></a> Bump the npm-development group across 1 directory with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/282">#282</a>)</li> <li><a href="https://github.com/actions/attest/commit/03f25d860248eee1946e81e6ad8d2420e4de03f3"><code>03f25d8</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/273">#273</a>)</li> <li><a href="https://github.com/actions/attest/commit/0fca5a6fa3c943b77f214acb62a366c247a8469e"><code>0fca5a6</code></a> use absolute path in linter config (<a href="https://redirect.github.com/actions/attest/issues/275">#275</a>)</li> <li><a href="https://github.com/actions/attest/commit/238c03f77f9c851e5129d01004ff41fa0c755c35"><code>238c03f</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/attest/issues/272">#272</a>)</li> <li><a href="https://github.com/actions/attest/commit/9c3e2717a6a9e8eafa4f389f0874b682bcb6f052"><code>9c3e271</code></a> Bump <code>@sigstore/oci</code> from 0.5.0 to 0.6.0 (<a href="https://redirect.github.com/actions/attest/issues/271">#271</a>)</li> <li><a href="https://github.com/actions/attest/commit/b40d9fa17a9e7bc51fb727ac9b6dae3ea1da6fa3"><code>b40d9fa</code></a> Bump the npm-development group with 8 updates (<a href="https://redirect.github.com/actions/attest/issues/270">#270</a>)</li> <li><a href="https://github.com/actions/attest/commit/e831e0e28dfaff51bc0c846aef5bb4195609318f"><code>e831e0e</code></a> Bump form-data from 4.0.0 to 4.0.4 (<a href="https://redirect.github.com/actions/attest/issues/266">#266</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc...daf44fb950173508f38bd2406030372c1d1162b1">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.4 to 3.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>Bump to Node 24 by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/339">google-github-actions/get-gke-credentials#339</a></li> <li>Release: v3.0.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/340">google-github-actions/get-gke-credentials#340</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2...v3.0.0">https://github.com/google-github-actions/get-gke-credentials/compare/v2...v3.0.0</a></p> <h2>v2.3.5</h2> <h2>What's Changed</h2> <ul> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/337">google-github-actions/get-gke-credentials#337</a></li> <li>Release: v2.3.5 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/338">google-github-actions/get-gke-credentials#338</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.4...v2.3.5">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.4...v2.3.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/3da1e46a907576cefaa90c484278bb5b259dd395"><code>3da1e46</code></a> Release: v3.0.0 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/340">#340</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/a1565805d2a41ba5f23190da0a27b6c53ae74250"><code>a156580</code></a> Bump to Node 24 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/339">#339</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/64bc7249bbcf78056bb92f14d3cedc2da193946c"><code>64bc724</code></a> Release: v2.3.5 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/338">#338</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/9de2e29024e4aeff8cf37aaa326508267ea011fc"><code>9de2e29</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/337">#337</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/8e574c49425fa7efed1e74650a449bfa6a23308a...3da1e46a907576cefaa90c484278bb5b259dd395">compare view</a></li> </ul> </details> <br /> Updates `actions/github-script` from 7.0.1 to 8.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/github-script/releases">actions/github-script's releases</a>.</em></p> <blockquote> <h2>v8.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update Node.js version support to 24.x by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li>README for updating actions/github-script from v7 to v8 by <a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li> <li><a href="https://github.com/sneha-krip"><code>@sneha-krip</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7.1.0...v8.0.0">https://github.com/actions/github-script/compare/v7.1.0...v8.0.0</a></p> <h2>v7.1.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade husky to v9 by <a href="https://github.com/benelan"><code>@benelan</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/486">actions/github-script#486</a></li> <li>Fix workflow status badges by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/497">actions/github-script#497</a></li> <li>Update usage of <code>actions/upload-artifact</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/512">actions/github-script#512</a></li> <li>Clear up package name confusion by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/514">actions/github-script#514</a></li> <li>Update dependencies with <code>npm audit fix</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/515">actions/github-script#515</a></li> <li>Specify that the used script is JavaScript by <a href="https://github.com/timotk"><code>@timotk</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li>chore: Add Dependabot for NPM and Actions by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/472">actions/github-script#472</a></li> <li>Define <code>permissions</code> in workflows and update actions by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/531">actions/github-script#531</a></li> <li>chore: Add Dependabot for .github/actions/install-dependencies by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/532">actions/github-script#532</a></li> <li>chore: Remove .vscode settings by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/533">actions/github-script#533</a></li> <li>ci: Use github/setup-licensed by <a href="https://github.com/nschonni"><code>@nschonni</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/473">actions/github-script#473</a></li> <li>make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by <a href="https://github.com/iamstarkov"><code>@iamstarkov</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li> <li>Remove <code>octokit</code> README updates for v7 by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/557">actions/github-script#557</a></li> <li>docs: add "exec" usage examples by <a href="https://github.com/neilime"><code>@neilime</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li> <li>Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/github-script/pull/563">actions/github-script#563</a></li> <li>Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/github-script/pull/575">actions/github-script#575</a></li> <li>Clearly document passing inputs to the <code>script</code> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/603">actions/github-script#603</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benelan"><code>@benelan</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li> <li><a href="https://github.com/timotk"><code>@timotk</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li> <li><a href="https://github.com/iamstarkov"><code>@iamstarkov</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li> <li><a href="https://github.com/neilime"><code>@neilime</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/github-script/compare/v7...v7.1.0">https://github.com/actions/github-script/compare/v7...v7.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd"><code>ed59741</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/653">#653</a> from actions/sneha-krip/readme-for-v8</li> <li><a href="https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3"><code>2dc352e</code></a> Bold minimum Actions Runner version in README</li> <li><a href="https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1"><code>01e118c</code></a> Update README for Node 24 runtime requirements</li> <li><a href="https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b"><code>8b222ac</code></a> Apply suggestion from <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a></li> <li><a href="https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25"><code>adc0eea</code></a> README for updating actions/github-script from v7 to v8</li> <li><a href="https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425"><code>20fe497</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/637">#637</a> from actions/node24</li> <li><a href="https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164"><code>e7b7f22</code></a> update licenses</li> <li><a href="https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b"><code>2c81ba0</code></a> Update Node.js version support to 24.x</li> <li><a href="https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b"><code>f28e40c</code></a> Merge pull request <a href="https://redirect.github.com/actions/github-script/issues/610">#610</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3"><code>1ae9958</code></a> Update README.md</li> <li>Additional commits viewable in <a href="https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd">compare view</a></li> </ul> </details> <br /> Updates `depot/build-push-action` from 1.15.0 to 1.16.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/depot/build-push-action/releases">depot/build-push-action's releases</a>.</em></p> <blockquote> <h2>v1.16.2</h2> <h2>What's Changed</h2> <ul> <li>Use ubuntu-latest for release workflow (<a href="https://redirect.github.com/depot/build-push-action/issues/42">#42</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.16.1</h2> <h2>What's Changed</h2> <ul> <li>Update <code>@depot/actions-public-oidc-client</code> to v1.1.0 (<a href="https://redirect.github.com/depot/build-push-action/issues/41">#41</a>) <a href="https://github.com/jacobwgillespie"><code>@jacobwgillespie</code></a></li> </ul> <h2>v1.16.0</h2> <h2>What's Changed</h2> <ul> <li>Add support for annotations (<a href="https://redirect.github.com/depot/build-push-action/issues/38">#38</a>) <a href="https://github.com/zanieb"><code>@zanieb</code></a></li> <li>feat: add <code>save-tags</code> for multiple depot registry tags (<a href="https://redirect.github.com/depot/build-push-action/issues/40">#40</a>) <a href="https://github.com/goller"><code>@goller</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/depot/build-push-action/commit/9785b135c3c76c33db102e45be96a25ab55cd507"><code>9785b13</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/42">#42</a> from depot/latest</li> <li><a href="https://github.com/depot/build-push-action/commit/7a65e80415392c68bece25b0881703a9ff3e55c5"><code>7a65e80</code></a> Use ubuntu-latest for release workflow</li> <li><a href="https://github.com/depot/build-push-action/commit/0781b3393f28b17fe7982ea3fabe715825b35fad"><code>0781b33</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/41">#41</a> from depot/updates</li> <li><a href="https://github.com/depot/build-push-action/commit/d5d8e086fdcca080fa6279ece582eee909994026"><code>d5d8e08</code></a> Deduplicate dependencies</li> <li><a href="https://github.com/depot/build-push-action/commit/801feb102f76406603cd2a12b4146a7e5af86a34"><code>801feb1</code></a> Update <code>@depot/actions-public-oidc-client</code> to v1.1.0</li> <li><a href="https://github.com/depot/build-push-action/commit/0b7423b11016b0349604e22d7ea01b078bed6c70"><code>0b7423b</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/38">#38</a> from zanieb/zb/annotations</li> <li><a href="https://github.com/depot/build-push-action/commit/57a5fb2c1acdc2d3fa72bcd36b20f1ea326890de"><code>57a5fb2</code></a> Merge branch 'main' into zb/annotations</li> <li><a href="https://github.com/depot/build-push-action/commit/3ebc0d44eced926ba1bb3f8d1e29794031973ca1"><code>3ebc0d4</code></a> Merge pull request <a href="https://redirect.github.com/depot/build-push-action/issues/40">#40</a> from depot/feat/save-tags</li> <li><a href="https://github.com/depot/build-push-action/commit/d662c5a48fd5747bf4dce16d8484eb3ebf98ad2c"><code>d662c5a</code></a> feat: add <code>save-tags</code> for multiple depot registry tags</li> <li><a href="https://github.com/depot/build-push-action/commit/06fcbb73efc9fb42f4df83c43e283a2170c8f9cf"><code>06fcbb7</code></a> Add support for annotations</li> <li>See full diff in <a href="https://github.com/depot/build-push-action/compare/2583627a84956d07561420dcc1d0eb1f2af3fac0...9785b135c3c76c33db102e45be96a25ab55cd507">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 to 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/8c14441336bb3d84fd6b7fa83b6d7201c740baf5"><code>8c14441</code></a> chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2656">#2656</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e995ac4be5be2bcb6e29556edc51fb63aca6b49b"><code>e995ac4</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.3.0 to 24.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2657">#2657</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3b04099b21072562f07469c10deb182b24236ca9"><code>3b04099</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.2.1 to 24.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2649">#2649</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e7b6c977e51984988e3cc1d6b18abe2a3ba8daaa"><code>e7b6c97</code></a> chore(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (<a href="h... _Description has been truncated_ Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-09-08 11:55:07 +00:00
Dean Sheather	8d0bc485df	chore: add actionlint and zizmor linters (#19459 )	2025-08-21 22:14:43 +10:00
Ethan	fb8036a154	ci: fix gcp service accounts (#19312 ) Service accounts got deleted, oops	2025-08-12 22:02:56 +10:00
dependabot[bot]	cbcdda25dc	ci: bump the github-actions group with 8 updates (#19293 ) Bumps the github-actions group with 8 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.2.2` \| `4.3.0` \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.3` \| `4.2.4` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.34.0` \| `1.35.3` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.4.0` \| `3.5.0` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.1.5` \| `2.2.0` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.3.0` \| `5.0.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `c2ca2493190021783138cb8aac49bcee14b4bb89` \| `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.7` \| `3.29.8` \| Updates `actions/checkout` from 4.2.2 to 4.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08eba0b27e820071cde6df949e0beb9ba4906955"><code>08eba0b</code></a> Prepare release v4.3.0 (<a href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li> <li><a href="https://github.com/actions/checkout/commit/631c7dc4f80f88219c5ee78fee08c6b62fac8da1"><code>631c7dc</code></a> Update package dependencies (<a href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li> <li><a href="https://github.com/actions/checkout/commit/8edcb1bdb4e267140fa742c62e395cd74f332709"><code>8edcb1b</code></a> Update CODEOWNERS for actions (<a href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li> <li><a href="https://github.com/actions/checkout/commit/09d2acae674a48949e3602304ab46fd20ae0c42f"><code>09d2aca</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li> <li><a href="https://github.com/actions/checkout/commit/85e6279cec87321a52edac9c87bce653a07cf6c2"><code>85e6279</code></a> Adjust positioning of user email note and permissions heading (<a href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li> <li><a href="https://github.com/actions/checkout/commit/009b9ae9e446ad8d9b8c809870b0fbcc5e03573e"><code>009b9ae</code></a> Documentation update - add recommended permissions to Readme (<a href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li> <li><a href="https://github.com/actions/checkout/commit/cbb722410c2e876e24abbe8de2cc27693e501dcb"><code>cbb7224</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li> <li><a href="https://github.com/actions/checkout/commit/3b9b8c884f6b4bb4d5be2779c26374abadae0871"><code>3b9b8c8</code></a> docs: update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08eba0b27e820071cde6df949e0beb9ba4906955">compare view</a></li> </ul> </details> <br /> Updates `actions/cache` from 4.2.3 to 4.2.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.2.4</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li> <li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move <code>@protobuf-ts/plugin</code> to dev depdencies by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1634">actions/cache#1634</a></li> <li>Prepare release <code>4.2.4</code> by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/cache/pull/1636">actions/cache#1636</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1620">actions/cache#1620</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v4...v4.2.4">https://github.com/actions/cache/compare/v4...v4.2.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>4.2.4</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.5</li> </ul> <h3>4.2.3</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token in debug logs for cache entries)</li> </ul> <h3>4.2.2</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.2</li> </ul> <h3>4.2.1</h3> <ul> <li>Bump <code>@actions/cache</code> to v4.0.1</li> </ul> <h3>4.2.0</h3> <p>TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. <a href="https://github.com/actions/cache">actions/cache</a> now integrates with the new cache service (v2) APIs.</p> <p>The new service will gradually roll out as of <strong>February 1st, 2025</strong>. The legacy service will also be sunset on the same date. Changes in these release are <strong>fully backward compatible</strong>.</p> <p><strong>We are deprecating some versions of this action</strong>. We recommend upgrading to version <code>v4</code> or <code>v3</code> as soon as possible before <strong>February 1st, 2025.</strong> (Upgrade instructions below).</p> <p>If you are using pinned SHAs, please use the SHAs of versions <code>v4.2.0</code> or <code>v3.4.0</code></p> <p>If you do not upgrade, all workflow runs using any of the deprecated <a href="https://github.com/actions/cache">actions/cache</a> will fail.</p> <p>Upgrading to the recommended versions will not break your workflows.</p> <h3>4.1.2</h3> <ul> <li>Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - <a href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li> <li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li> </ul> <h3>4.1.1</h3> <ul> <li>Restore original behavior of <code>cache-hit</code> output - <a href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li> </ul> <h3>4.1.0</h3> <ul> <li>Ensure <code>cache-hit</code> output is set when a cache is missed - <a href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li> <li>Deprecate <code>save-always</code> input - <a href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li> </ul> <h3>4.0.2</h3> <ul> <li>Fixed restore <code>fail-on-cache-miss</code> not working.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/0400d5f644dc74513175e3cd8d07132dd4860809"><code>0400d5f</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1636">#1636</a> from actions/Link-/release-4.2.4</li> <li><a href="https://github.com/actions/cache/commit/374a27f26986edd8c430f386d152a856e179c0ae"><code>374a27f</code></a> Prepare release 4.2.4</li> <li><a href="https://github.com/actions/cache/commit/358a7306cd9d78ceffc19271e69cd8528462fccf"><code>358a730</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1634">#1634</a> from actions/Link-/optimise-deps</li> <li><a href="https://github.com/actions/cache/commit/2ee706ef74683b68fd97d45e549070fc28642768"><code>2ee706e</code></a> Fix with another approach</li> <li><a href="https://github.com/actions/cache/commit/94f7b5d9135a3af2d928e87120da293c9a920f90"><code>94f7b5d</code></a> Fix bundle exec</li> <li><a href="https://github.com/actions/cache/commit/c36116c3f4852e9868973e98be949d101f296afa"><code>c36116c</code></a> Fix the workflow to use licensed from source</li> <li><a href="https://github.com/actions/cache/commit/320fe7d56bfd8d9e7b7694dce399643f5b61d580"><code>320fe7d</code></a> Update the licensed workflow to use the latest version</li> <li><a href="https://github.com/actions/cache/commit/d81cc477d92d48462edee5b1e53b15613993e818"><code>d81cc47</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/de243982c557f21f36de55f0c01cd6a8e7a6aa71"><code>de24398</code></a> Add licensed output</li> <li><a href="https://github.com/actions/cache/commit/e7b6a9cc9d34d03fd2bf2834b35a8b9e82faa8e5"><code>e7b6a9c</code></a> <code>@protobuf-ts/plugin</code> to dev dependencies</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/5a3ec84eff668545956fd18022155c47e93e2684...0400d5f644dc74513175e3cd8d07132dd4860809">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.34.0 to 1.35.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.35.3</h2> <h2>[1.35.3] - 2025-08-08</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>ratatui</code> in Rust files</li> </ul> <h2>v1.35.2</h2> <h2>[1.35.2] - 2025-08-07</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>unmarshaling</code></li> </ul> <h2>v1.35.1</h2> <h2>[1.35.1] - 2025-08-04</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>apostroph</code></li> <li>Fix typo in correction to <code>cordinate</code></li> <li>Fix typo in correction to <code>reproduceability</code></li> <li>Fix typo in correction to <code>revolutionss</code></li> <li>Fix typo in correction to <code>transivity</code></li> </ul> <h2>v1.35.0</h2> <h2>[1.35.0] - 2025-08-04</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1331">July 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.35.3] - 2025-08-08</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>ratatui</code> in Rust files</li> </ul> <h2>[1.35.2] - 2025-08-07</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>unmarshaling</code></li> </ul> <h2>[1.35.1] - 2025-08-04</h2> <h3>Fixes</h3> <ul> <li>Fix typo in correction to <code>apostroph</code></li> <li>Fix typo in correction to <code>cordinate</code></li> <li>Fix typo in correction to <code>reproduceability</code></li> <li>Fix typo in correction to <code>revolutionss</code></li> <li>Fix typo in correction to <code>transivity</code></li> </ul> <h2>[1.35.0] - 2025-08-04</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1331">July 2025</a> changes</li> </ul> <h2>[1.34.0] - 2025-06-30</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1309">June 2025</a> changes</li> </ul> <h2>[1.33.1] - 2025-06-02</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Don't correct <code>wasn't</code> to <code>wasm't</code></li> </ul> <h2>[1.33.0] - 2025-06-02</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/52bd719c2c91f9d676e2aa359fc8e0db8925e6d8"><code>52bd719</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c6f77dda9e9bf82551f03a500347eb06ce8a90b1"><code>c6f77dd</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/e35d08c453d5ac2a4630b633dbb63e819b129193"><code>e35d08c</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1353">#1353</a> from Rolv-Apneseth/ratatui</li> <li><a href="https://github.com/crate-ci/typos/commit/9d6691bc8cf087436d192d03414b9c2420570343"><code>9d6691b</code></a> fix: Ignore <code>ratatui</code> in Rust files</li> <li><a href="https://github.com/crate-ci/typos/commit/f1231bc2bcc92b2b18da70a877cf89afce08dd42"><code>f1231bc</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/66def6387b9bb7954423333521eed23e75651f6e"><code>66def63</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/623f09b5bc658227e7e051fc494f3af24030d1cf"><code>623f09b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/1080316783320230c1f65e1c374e44dfc13829c6"><code>1080316</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/442605b52920ac6faab2e457d3bafc0a6d05a5d1"><code>442605b</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1352">#1352</a> from epage/marshaling</li> <li><a href="https://github.com/crate-ci/typos/commit/983f866bac2164c77fc4ad8a06cdb0738c38ddba"><code>983f866</code></a> fix(dict): Don't correct marshaling</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/392b78fe18a52790c53f42456e46124f77346842...52bd719c2c91f9d676e2aa359fc8e0db8925e6d8">compare view</a></li> </ul> </details> <br /> Updates `docker/login-action` from 3.4.0 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <ul> <li>Support dual-stack endpoints for AWS ECR by <a href="https://github.com/Spacefish"><code>@Spacefish</code></a> <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a> <a href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.859.0 in <a href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a> <a href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in <a href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li> <li>Bump form-data from 2.5.1 to 2.5.5 in <a href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/184bdaa0721073962dff0199f1fb9940f07167d1"><code>184bdaa</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/878">#878</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/5c6bc94683baa064818f51e7417087c2ac58b32c"><code>5c6bc94</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/caf405864315c6006c5581b540e5047cf728b4e7"><code>caf4058</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/ef38ec311a7df3f01475313e7c5bb584b74b112a"><code>ef38ec3</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/860">#860</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/d52e8ef81c0de894e9c95bed8de0ee5955ec7eb7"><code>d52e8ef</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/9644ab7025be3206ff4b12f1531a1b6919022b00"><code>9644ab7</code></a> build(deps): bump the aws-sdk-dependencies group with 2 updates</li> <li><a href="https://github.com/docker/login-action/commit/7abd1d512621d8896b31f4ea992d207f15915ad6"><code>7abd1d5</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/875">#875</a> from docker/dependabot/npm_and_yarn/form-data-2.5.5</li> <li><a href="https://github.com/docker/login-action/commit/1a81202c4fda440f3b33eca3381d5d39c7efe85e"><code>1a81202</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/876">#876</a> from crazy-max/aws-public-dual-stack</li> <li><a href="https://github.com/docker/login-action/commit/d1ab30dc54161cbfd704562857677edf4dd7837a"><code>d1ab30d</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/f25ff28d1c8cd9a7c35896711238fed682755e1c"><code>f25ff28</code></a> support dual-stack for aws public ecr</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/74a5d142397b4f367a81961eba4e8cd7edddf772...184bdaa0721073962dff0199f1fb9940f07167d1">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.1.5 to 2.2.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v2.2.0</h2> <h2>What's Changed</h2> <ul> <li>Introduce an option to skip the tool cache by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/718">google-github-actions/setup-gcloud#718</a></li> <li>Release: v2.2.0 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/719">google-github-actions/setup-gcloud#719</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.5...v2.2.0">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.5...v2.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/cb1e50a9932213ecece00a606661ae9ca44f3397"><code>cb1e50a</code></a> Release: v2.2.0 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/719">#719</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/ef52f8c087fe78d43262625448b746144fe6448c"><code>ef52f8c</code></a> Introduce an option to skip the tool cache (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/718">#718</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9...cb1e50a9932213ecece00a606661ae9ca44f3397">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.3.0 to 5.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/407">actions/download-artifact#407</a></li> <li>BREAKING fix: inconsistent path behavior for single artifact downloads by ID by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/416">actions/download-artifact#416</a></li> </ul> <h2>v5.0.0</h2> <h3>🚨 Breaking Change</h3> <p>This release fixes an inconsistency in path behavior for single artifact downloads by ID. <strong>If you're downloading single artifacts by ID, the output path may change.</strong></p> <h4>What Changed</h4> <p>Previously, <strong>single artifact downloads</strong> behaved differently depending on how you specified the artifact:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (direct)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/my-artifact/</code> (nested)</li> </ul> <p>Now both methods are consistent:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (unchanged)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/</code> (fixed - now direct)</li> </ul> <h4>Migration Guide</h4> <h5>✅ No Action Needed If:</h5> <ul> <li>You download artifacts by <strong>name</strong></li> <li>You download <strong>multiple</strong> artifacts by ID</li> <li>You already use <code>merge-multiple: true</code> as a workaround</li> </ul> <h5>⚠️ Action Required If:</h5> <p>You download <strong>single artifacts by ID</strong> and your workflows expect the nested directory structure.</p> <p><strong>Before v5 (nested structure):</strong></p> <pre lang="yaml"><code>- uses: actions/download-artifact@v4 with: artifact-ids: 12345 path: dist # Files were in: dist/my-artifact/ </code></pre> <blockquote> <p>Where <code>my-artifact</code> is the name of the artifact you previously uploaded</p> </blockquote> <p><strong>To maintain old behavior (if needed):</strong></p> <pre lang="yaml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/634f93cb2916e3fdff6788551b99b062d0335ce0"><code>634f93c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/416">#416</a> from actions/single-artifact-id-download-path</li> <li><a href="https://github.com/actions/download-artifact/commit/b19ff4302770b82aa4694b63703b547756dacce6"><code>b19ff43</code></a> refactor: resolve download path correctly in artifact download tests (mainly ...</li> <li><a href="https://github.com/actions/download-artifact/commit/e262cbee4ab8c473c61c59a81ad8e9dc760e90db"><code>e262cbe</code></a> bundle dist</li> <li><a href="https://github.com/actions/download-artifact/commit/bff23f9308ceb2f06d673043ea6311519be6a87b"><code>bff23f9</code></a> update docs</li> <li><a href="https://github.com/actions/download-artifact/commit/fff8c148a8fdd56aa81fcb019f0b5f6c65700c4d"><code>fff8c14</code></a> fix download path logic when downloading a single artifact by id</li> <li><a href="https://github.com/actions/download-artifact/commit/448e3f862ab3ef47aa50ff917776823c9946035b"><code>448e3f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/407">#407</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/47225c44b359a5155efdbbbc352041b3e249fb1b"><code>47225c4</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from c2ca2493190021783138cb8aac49bcee14b4bb89 to f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <41898282+github-actions[bot]<a href="https://github.com/users"><code>@users</code></a>.noreply.github.com> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/f963b3f3562b00b6d2dd25efc390eb04e51ef6c6"><code>f963b3f</code></a> chore(deps-dev): bump <code>@types/node</code> from 24.1.0 to 24.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2640">#2640</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/f956744105e18d78bba3844a1199ce43d6503017"><code>f956744</code></a> chore(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2641">#2641</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9009babdfafec9874564eacad3fb7006205ba31a"><code>9009bab</code></a> chore(deps): bump yaml from 2.8.0 to 2.8.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2642">#2642</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2ecafed8a9a7bcf95ff103a3753b27e044af2736"><code>2ecafed</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2643">#2643</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/8cdfb7636d150253dee416a80f11c67f5ba7e9be"><code>8cdfb76</code></a> chore(deps): bump tj-actions/eslint-changed-files from 25.3.1 to 25.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2638">#2638</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/087c158d0f1269d7ac8571378b39f3130f96a736"><code>087c158</code></a> chore(deps-dev): bump ts-jest from 29.4.0 to 29.4.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2639">#2639</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/c2ca2493190021783138cb8aac49bcee14b4bb89...f963b3f3562b00b6d2dd25efc390eb04e51ef6c6">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.7 to 3.29.8 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.8</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.8/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.8 - 08 Aug 2025</h2> <ul> <li>Fix an issue where the Action would autodetect unsupported languages such as HTML. <a href="https://redirect.github.com/github/codeql-action/pull/3015">#3015</a></li> </ul> <h2>3.29.7 - 07 Aug 2025</h2> <p>This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.</p> <h2>3.29.6 - 07 Aug 2025</h2> <ul> <li>The <code>cleanup-level</code> input to the <code>analyze</code> Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. <a href="https://redirect.github.com/github/codeql-action/pull/2999">#2999</a></li> <li>Update default CodeQL bundle version to 2.22.3. <a href="https://redirect.github.com/github/codeql-action/pull/3000">#3000</a></li> </ul> <h2>3.29.5 - 29 Jul 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.2. <a href="https://redirect.github.com/github/codeql-action/pull/2986">#2986</a></li> </ul> <h2>3.29.4 - 23 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.21 - 28 July 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/76621b61decf072c1cee8dd1ce2d2a82d33c17ed"><code>76621b6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3019">#3019</a> from github/update-v3.29.8-679a40d33</li> <li><a href="https://github.com/github/codeql-action/commit/29ac3cefbb645d41622f6f9baa1415e06d73cf06"><code>29ac3ce</code></a> Add release notes for 3.29.7</li> <li><a href="https://github.com/github/codeql-action/commit/737cfdebe687c6e720fb99761f23d89751c3b93a"><code>737cfde</code></a> Update changelog for v3.29.8</li> <li><a href="https://github.com/github/codeql-action/commit/679a40d337fedd9b7318253dd72bfe7dc6d1886c"><code>679a40d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3014">#3014</a> from github/henrymercer/rebuild-dispatch</li> <li><a href="https://github.com/github/codeql-action/commit/6fe50b283a3d2e5533299f72d99216cd8815500f"><code>6fe50b2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3015">#3015</a> from github/henrymercer/language-autodetection-worka...</li> <li><a href="https://github.com/github/codeql-action/commit/6bc91d64f66d435200c8ba85c64878c3cbfad33b"><code>6bc91d6</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/6b4fedca4f3428195d7ba1ca7c7404f9ea472911"><code>6b4fedc</code></a> Bump Action patch version</li> <li><a href="https://github.com/github/codeql-action/commit/5794ffcb4ab0e87e4b8a8446ef048488303db295"><code>5794ffc</code></a> Fix auto-detection of extractors that aren't languages</li> <li><a href="https://github.com/github/codeql-action/commit/bd62bf449cd8695f818546752cc8157693e1716c"><code>bd62bf4</code></a> Finish in-progress merges</li> <li><a href="https://github.com/github/codeql-action/commit/2afb4e6f3c84ec0534284f2b47ae8206dcb401bf"><code>2afb4e6</code></a> Avoid specifying branch unnecessarily</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/51f77329afa6477de8c49fc9c7046c15b9a4e79d...76621b61decf072c1cee8dd1ce2d2a82d33c17ed">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-11 16:10:46 +00:00
dependabot[bot]	6b141d76de	ci: bump the github-actions group with 6 updates (#18938 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.2` \| `2.13.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.10` \| `2.1.11` \| \| [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) \| `2.1.4` \| `2.1.5` \| \| [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) \| `2.3.3` \| `2.3.4` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.29.2` \| `3.29.3` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.6` \| `1.3.7` \| Updates `step-security/harden-runner` from 2.12.2 to 2.13.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>Improved job markdown summary</li> <li>Https monitoring for all domains (included with the enterprise tier)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a> from step-security/rc-24</li> <li><a href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a> feat: get job summary from API</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.10 to 2.1.11 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.11</h2> <h2>What's Changed</h2> <ul> <li>Update troubleshooting docs for Python by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/488">google-github-actions/auth#488</a></li> <li>Add linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/499">google-github-actions/auth#499</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/500">google-github-actions/auth#500</a></li> <li>Release: v2.1.11 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/501">google-github-actions/auth#501</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11">https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/140bb5113ffb6b65a7e9b937a81fa96cf5064462"><code>140bb51</code></a> Release: v2.1.11 (<a href="https://redirect.github.com/google-github-actions/auth/issues/501">#501</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/ab3132e2ad698521ee1355566103fa838732e48c"><code>ab3132e</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/500">#500</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/25b96bac992fdf64486c6fd3fd3d9c4cddb3a812"><code>25b96ba</code></a> Add linters (<a href="https://redirect.github.com/google-github-actions/auth/issues/499">#499</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/0920706a19e9d22c3d0da43d1db5939c6ad837a8"><code>0920706</code></a> Update troubleshooting docs for Python (<a href="https://redirect.github.com/google-github-actions/auth/issues/488">#488</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/ba79af03959ebeac9769e648f473a284504d9193...140bb5113ffb6b65a7e9b937a81fa96cf5064462">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/setup-gcloud` from 2.1.4 to 2.1.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud's releases</a>.</em></p> <blockquote> <h2>v2.1.5</h2> <h2>What's Changed</h2> <ul> <li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/711">google-github-actions/setup-gcloud#711</a></li> <li>Update linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/715">google-github-actions/setup-gcloud#715</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/716">google-github-actions/setup-gcloud#716</a></li> <li>Release: v2.1.5 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/setup-gcloud/pull/717">google-github-actions/setup-gcloud#717</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"><code>6a7c903</code></a> Release: v2.1.5 (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/717">#717</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/e838bc6edfe3907980c74d5aad506fd6e173b0d6"><code>e838bc6</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/716">#716</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/98d8f78fcc2354c736499a506ad9e7be3f4c2640"><code>98d8f78</code></a> Update linters (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/715">#715</a>)</li> <li><a href="https://github.com/google-github-actions/setup-gcloud/commit/a8b58010a5b2a061afd605f50e88629c9ec7536b"><code>a8b5801</code></a> security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group (<a href="https://redirect.github.com/google-github-actions/setup-gcloud/issues/711">#711</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/setup-gcloud/compare/77e7a554d41e2ee56fc945c52dfd3f33d12def9a...6a7c903a70c8625ed6700fa299f5ddb4ca6022e9">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/get-gke-credentials` from 2.3.3 to 2.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials's releases</a>.</em></p> <blockquote> <h2>v2.3.4</h2> <h2>What's Changed</h2> <ul> <li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/333">google-github-actions/get-gke-credentials#333</a></li> <li>Update linters by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/334">google-github-actions/get-gke-credentials#334</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/335">google-github-actions/get-gke-credentials#335</a></li> <li>Release: v2.3.4 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/336">google-github-actions/get-gke-credentials#336</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/8e574c49425fa7efed1e74650a449bfa6a23308a"><code>8e574c4</code></a> Release: v2.3.4 (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/336">#336</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/820551c1d9b3734a98590d5020e3a479a3600019"><code>820551c</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/335">#335</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/503071673e50fd4fe5973d69174dc780288d61e9"><code>5030716</code></a> Update linters (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/334">#334</a>)</li> <li><a href="https://github.com/google-github-actions/get-gke-credentials/commit/36f99de330d5a168c801b87721b96719a0a9ada0"><code>36f99de</code></a> security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group (<a href="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/333">#333</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/get-gke-credentials/compare/d0cee45012069b163a631894b98904a9e6723729...8e574c49425fa7efed1e74650a449bfa6a23308a">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.2 to 3.29.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.3</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.3/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.3 - 21 Jul 2025</h2> <p>No user facing changes.</p> <h2>3.29.2 - 30 Jun 2025</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.20 - 21 July 2025</h2> <ul> <li>Remove support for combining SARIF files from a single upload for GHES 3.18, see <a href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the changelog post</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/d6bbdef45e766d081b84a2def353b0055f728d3e"><code>d6bbdef</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2977">#2977</a> from github/update-v3.29.3-7710ed11e</li> <li><a href="https://github.com/github/codeql-action/commit/210cc9bfa2103f4b7c4701ee383183b944c62578"><code>210cc9b</code></a> Update changelog for v3.29.3</li> <li><a href="https://github.com/github/codeql-action/commit/7710ed11e398ea99c7f7004c2b2e0f580458db42"><code>7710ed1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2970">#2970</a> from github/cklin/diff-informed-feature-enable</li> <li><a href="https://github.com/github/codeql-action/commit/6a49a8cbce6ecbd74ea251a48dbc84e64ce3be4d"><code>6a49a8c</code></a> build: refresh js files</li> <li><a href="https://github.com/github/codeql-action/commit/3aef4108d1730e17b6fd24f8b9c49d8fcc87d46d"><code>3aef410</code></a> Add diff-informed-analysis-utils.test.ts</li> <li><a href="https://github.com/github/codeql-action/commit/614b64c6ec97a4ad54f7c99c5becbf593144dbfb"><code>614b64c</code></a> Diff-informed analysis: disable for GHES below 3.19</li> <li><a href="https://github.com/github/codeql-action/commit/aefb854fe5563f4650638224c839c6e9b33c25b5"><code>aefb854</code></a> Feature.DiffInformedQueries: default to true</li> <li><a href="https://github.com/github/codeql-action/commit/03a2a17e75d20e4ff461b43f161fb2b52165f632"><code>03a2a17</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2967">#2967</a> from github/cklin/overlay-feature-flags</li> <li><a href="https://github.com/github/codeql-action/commit/07455ed3c36f739ad76d1c4e55f8b49550f74344"><code>07455ed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2972">#2972</a> from github/koesie10/ghes-satisfies</li> <li><a href="https://github.com/github/codeql-action/commit/3fb562ddcce3ca92b83ea1bb7abaa579a1ab882d"><code>3fb562d</code></a> build: refresh js files</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...d6bbdef45e766d081b84a2def353b0055f728d3e">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.6 to 1.3.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.7</h2> <p>v1.3.7: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a> - Update linkspector version to 0.4.7</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/874d01cae9fd488e3077b08952093235bd626977"><code>874d01c</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/bfc5bc55f5a8fc268165639b78b3ce6ae64915ad"><code>bfc5bc5</code></a> Update linkspector version to 0.4.7</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/3a951c1f0dca72300c2320d0eb39c2bafe429ab1...874d01cae9fd488e3077b08952093235bd626977">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-07-21 13:21:37 +00:00
dependabot[bot]	851cda55d6	ci: bump the github-actions group with 3 updates (#18665 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [fluxcd/flux2](https://github.com/fluxcd/flux2) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.12.1 to 2.12.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.2</h2> <h2>What's Changed</h2> <p>Added HTTPS Monitoring for additional destinations - *.githubusercontent.com Bug fixes:</p> <ul> <li>Implicitly allow local multicast, local unicast and broadcast IP addresses in block mode</li> <li>Increased policy map size for block mode</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a> from step-security/rc-22</li> <li><a href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare view</a></li> </ul> </details> <br /> Updates `fluxcd/flux2` from 2.6.2 to 2.6.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fluxcd/flux2/releases">fluxcd/flux2's releases</a>.</em></p> <blockquote> <h2>v2.6.3</h2> <h2>Highlights</h2> <p>Flux v2.6.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.</p> <p>Fixes:</p> <ul> <li>Fix for <code>rsa-sha2-512</code> and <code>rsa-sha2-256</code> algorithms not being prioritized for <code>ssh-rsa</code> host keys in source-controller, image-automation-controller and Flux CLI bootstrap.</li> </ul> <h2>Components changelog</h2> <ul> <li>source-controller <a href="https://github.com/fluxcd/source-controller/blob/v1.6.2/CHANGELOG.md">v1.6.2</a></li> <li>image-automation-controller <a href="https://github.com/fluxcd/image-automation-controller/blob/v0.41.2/CHANGELOG.md">v0.41.2</a></li> </ul> <h2>CLI changed</h2> <ul> <li>[release/v2.6.x] Update toolkit components by <a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <a href="https://redirect.github.com/fluxcd/flux2/pull/5427">fluxcd/flux2#5427</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3">https://github.com/fluxcd/flux2/compare/v2.6.2...v2.6.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/fluxcd/flux2/commit/bda4c8187e436462be0d072e728b67afa215c593"><code>bda4c81</code></a> Merge pull request <a href="https://redirect.github.com/fluxcd/flux2/issues/5427">#5427</a> from fluxcd/backport-5426-to-release/v2.6.x</li> <li><a href="https://github.com/fluxcd/flux2/commit/3f281da7381e3984913244d78b9768e4fa5fbb65"><code>3f281da</code></a> Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys</li> <li><a href="https://github.com/fluxcd/flux2/commit/963e99188cb0a77dfbe70a3db7a34c0f6e159dd3"><code>963e991</code></a> Update toolkit components</li> <li>See full diff in <a href="https://github.com/fluxcd/flux2/compare/a48f81a66c4ca9fbd993233ab99dd03a7cfbe09a...bda4c8187e436462be0d072e728b67afa215c593">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.29.0 to 3.29.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.1</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.1/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <ul> <li>Experimental: When the <code>quality-queries</code> input for the <code>init</code> action is provided with an argument, separate <code>.quality.sarif</code> files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2935">#2376</a></li> </ul> <h2>3.29.1 - 27 Jun 2025</h2> <ul> <li>Fix bug in PR analysis where user-provided <code>include</code> query filter fails to exclude non-included queries. <a href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li> <li>Update default CodeQL bundle version to 2.22.1. <a href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li> </ul> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/39edc492dbe16b1465b0cafca41432d857bdb31a"><code>39edc49</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2953">#2953</a> from github/update-v3.29.1-428aea55f</li> <li><a href="https://github.com/github/codeql-action/commit/27c4fb1eef772029c0bbeed96d8538a2af79e541"><code>27c4fb1</code></a> Update changelog for v3.29.1</li> <li><a href="https://github.com/github/codeql-action/commit/428aea55f52aac0db14530fe4e5c97462c533f7d"><code>428aea5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2952">#2952</a> from github/redsun82/fix-swift-test</li> <li><a href="https://github.com/github/codeql-action/commit/973250f3d233f50890a597fef853ae3b2a538a31"><code>973250f</code></a> Swift: recreate a default Swift package to fix test</li> <li><a href="https://github.com/github/codeql-action/commit/8ef17824cfb2a3f40cbc7f41bac7e055e53b8164"><code>8ef1782</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2950">#2950</a> from github/update-bundle/codeql-bundle-v2.22.1</li> <li><a href="https://github.com/github/codeql-action/commit/f3bfb9860305f6e80e048f4785d6bee33bf77356"><code>f3bfb98</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/2b4afc20b636de8884609ee2a501a68a67766f26"><code>2b4afc2</code></a> Update default bundle to codeql-bundle-v2.22.1</li> <li><a href="https://github.com/github/codeql-action/commit/9b02dc2f60288b463e7a66e39c78829b62780db7"><code>9b02dc2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2928">#2928</a> from github/update-supported-enterprise-server-versions</li> <li><a href="https://github.com/github/codeql-action/commit/7ab92d0295a9b09eb653169acdb2c24f7c43614a"><code>7ab92d0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2948">#2948</a> from github/mbg/copilot-instructions</li> <li><a href="https://github.com/github/codeql-action/commit/2cae828745579fc9309404e09440d23bba2f7b79"><code>2cae828</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2947">#2947</a> from github/dependency-proxy/codeql-bundle-v2.22.0</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858...39edc492dbe16b1465b0cafca41432d857bdb31a">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-30 15:37:51 +00:00
dependabot[bot]	cba99a13e7	ci: bump the github-actions group with 6 updates (#18386 ) Bumps the github-actions group with 6 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.12.0` \| `2.12.1` \| \| [chromaui/action](https://github.com/chromaui/action) \| `12.1.1` \| `12.2.0` \| \| [actions/attest](https://github.com/actions/attest) \| `2.3.0` \| `2.4.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `115870536a85eaf050e369291c7895748ff12aea` \| `d52d20fa3f981cb852b861fd8f55308b5fe29637` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.19` \| `3.29.0` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.4` \| `1.3.5` \| Updates `step-security/harden-runner` from 2.12.0 to 2.12.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.1</h2> <h2>What's Changed</h2> <ul> <li>Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.</li> <li>Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a> from step-security/rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a> Merge branch 'main' into rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a> Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0</li> <li><a href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a> from h0x0er/feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a> update</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a> Merge branch 'rc-21' into feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a> fixed test case</li> <li><a href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a> self-hosted: refactored block-policy apply logic</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare view</a></li> </ul> </details> <br /> Updates `chromaui/action` from 12.1.1 to 12.2.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chromaui/action/commit/c50adf8eaa8c2878af3263499a73077854de39d4"><code>c50adf8</code></a> v12.2.0</li> <li>See full diff in <a href="https://github.com/chromaui/action/compare/8536229ee904071f8edce292596f6dbe0da96b9b...c50adf8eaa8c2878af3263499a73077854de39d4">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.3.0 to 2.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v2.4.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in the npm-production group by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/242">actions/attest#242</a></li> <li>Bump undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/246">actions/attest#246</a></li> <li>Add path to created attestation in a well-known summary file by <a href="https://github.com/kommendorkapten"><code>@kommendorkapten</code></a> in <a href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/kommendorkapten"><code>@kommendorkapten</code></a> made their first contribution in <a href="https://redirect.github.com/actions/attest/pull/252">actions/attest#252</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2...v2.4.0">https://github.com/actions/attest/compare/v2...v2.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc"><code>ce27ba3</code></a> bump package version to 2.4.0 (<a href="https://redirect.github.com/actions/attest/issues/253">#253</a>)</li> <li><a href="https://github.com/actions/attest/commit/6a89e1286443a80c6d1e0cebb7b24d8299c16774"><code>6a89e12</code></a> Add path to created attestation in a well-known summary file (<a href="https://redirect.github.com/actions/attest/issues/252">#252</a>)</li> <li><a href="https://github.com/actions/attest/commit/cbc14bbf255d1e79ad201d4308009aabd79cafdc"><code>cbc14bb</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/250">#250</a>)</li> <li><a href="https://github.com/actions/attest/commit/b87aa13652d8ee3c0c86d3582b965c842f7f388f"><code>b87aa13</code></a> Bump the npm-development group across 1 directory with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/249">#249</a>)</li> <li><a href="https://github.com/actions/attest/commit/5ae9aa28e10f70b771c67101892b7ffc141ef958"><code>5ae9aa2</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/attest/issues/246">#246</a>)</li> <li><a href="https://github.com/actions/attest/commit/4119d34e49ca6230f84a5e799710eae4f2428d02"><code>4119d34</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/245">#245</a>)</li> <li><a href="https://github.com/actions/attest/commit/7e777b150d7bec9c2cfe2c0993b186c15e97e81c"><code>7e777b1</code></a> Bump <code>@actions/github</code> from 6.0.0 to 6.0.1 in the npm-production group (<a href="https://redirect.github.com/actions/attest/issues/242">#242</a>)</li> <li><a href="https://github.com/actions/attest/commit/4d8a13a13f8c2075b78844846f6d7e38b6a920bf"><code>4d8a13a</code></a> Bump super-linter/super-linter in the actions-minor group (<a href="https://redirect.github.com/actions/attest/issues/244">#244</a>)</li> <li><a href="https://github.com/actions/attest/commit/647f15244eb261577c4910e1356026e9c1d9cda9"><code>647f152</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/240">#240</a>)</li> <li><a href="https://github.com/actions/attest/commit/20551343079b1bce85b235f46add92bbbddb8a7a"><code>2055134</code></a> Bump the npm-development group with 4 updates (<a href="https://redirect.github.com/actions/attest/issues/239">#239</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/attest/compare/afd638254319277bb3d7f0a234478733e2e46a73...ce27ba3b4a9a139d9a20a4a07d69fabb52f1e5bc">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 115870536a85eaf050e369291c7895748ff12aea to d52d20fa3f981cb852b861fd8f55308b5fe29637 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/d52d20fa3f981cb852b861fd8f55308b5fe29637"><code>d52d20f</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.15.26 to 24.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2587">#2587</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/f1c0eb959957d4094cf86adeb8bb4852f373e197"><code>f1c0eb9</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.4.0 to 5.4.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2578">#2578</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/944a0f723952a370222de3178b25805235c65933"><code>944a0f7</code></a> chore(deps-dev): bump eslint-plugin-jest from 28.13.0 to 28.13.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2585">#2585</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3dbc1e181273d808ccff822a6e00cf18b6628ef0"><code>3dbc1e1</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2592">#2592</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/7a7221b7baecf19ec83f6a411a2670a43174c883"><code>7a7221b</code></a> chore(deps): bump github/codeql-action from 3.28.18 to 3.29.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2588">#2588</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/c260d49a827b5eb266673bed7871c5d3ee9b5aef"><code>c260d49</code></a> feat: add any_added to outputs (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2567">#2567</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/b1ccff8c0892ad141d7d2de6f31e526a9dad931f"><code>b1ccff8</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2591">#2591</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a892f50f7a7187bc288633c09230b09ce7ad8fd0"><code>a892f50</code></a> docs: update link to glob patterns (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2590">#2590</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5ca5422070674a4bb487ecebf3c33251f3723c9b"><code>5ca5422</code></a> chore(deps-dev): bump ts-jest from 29.3.4 to 29.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2589">#2589</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4140eb99d2cced9bfd78375c2088371853262f79"><code>4140eb9</code></a> chore(deps-dev): bump eslint-plugin-jest from 28.12.0 to 28.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2583">#2583</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/115870536a85eaf050e369291c7895748ff12aea...d52d20fa3f981cb852b861fd8f55308b5fe29637">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.19 to 3.29.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.29.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.29.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.29.0 - 11 Jun 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.22.0. <a href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li> <li>Bump minimum CodeQL bundle version to 2.16.6. <a href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li> </ul> <h2>3.28.19 - 03 Jun 2025</h2> <ul> <li>The CodeQL Action no longer includes its own copy of the extractor for the <code>actions</code> language, which is currently in public preview. The <code>actions</code> extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the <code>actions</code> language <em>and</em> you have pinned your <code>tools:</code> property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable <code>actions</code> analysis.</li> <li>Update default CodeQL bundle version to 2.21.4. <a href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li> </ul> <h2>3.28.18 - 16 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.3. <a href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li> <li>Skip validating SARIF produced by CodeQL for improved performance. <a href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li> <li>The number of threads and amount of RAM used by CodeQL can now be set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code> runner environment variables. If set, these environment variables override the <code>threads</code> and <code>ram</code> inputs respectively. <a href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li> </ul> <h2>3.28.17 - 02 May 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.2. <a href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li> </ul> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/ce28f5bb42b7a9f2c824e633a3f6ee835bab6858"><code>ce28f5b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2926">#2926</a> from github/update-v3.29.0-e8799281c</li> <li><a href="https://github.com/github/codeql-action/commit/bc251b7932638a7881a8db15d1aaf0151642af99"><code>bc251b7</code></a> Update changelog for v3.29.0</li> <li><a href="https://github.com/github/codeql-action/commit/e8799281c8dee3b2e1aaed2c059e530fcfdc2d6d"><code>e879928</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2925">#2925</a> from github/update-bundle/codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/efd43b3097c094d883d91934155f0a32af09dff7"><code>efd43b3</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/7cb9b16051842e6c23c8b9fbcf92481f92d0644a"><code>7cb9b16</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2912">#2912</a> from github/henrymercer/bump-minimum-codeql-2.16.6</li> <li><a href="https://github.com/github/codeql-action/commit/3855117ba18b27e082b12e3e92e00d1b52aaa605"><code>3855117</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/f5d4e2a7ca2a5826357748bb8743390a4775946f"><code>f5d4e2a</code></a> Update default bundle to codeql-bundle-v2.22.0</li> <li><a href="https://github.com/github/codeql-action/commit/22deae890c55a1dc3ffba1aa20ad4148284e72d1"><code>22deae8</code></a> Update package-lock.json</li> <li><a href="https://github.com/github/codeql-action/commit/df2a830ca4348a013f4804b56f41795f408f1e4e"><code>df2a830</code></a> Merge branch 'main' into henrymercer/bump-minimum-codeql-2.16.6</li> <li><a href="https://github.com/github/codeql-action/commit/b1e4dc3db58c9601794e22a9f6d28d45461b9dbf"><code>b1e4dc3</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2916">#2916</a> from github/dependabot/npm_and_yarn/npm-5cdccdc43f</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/fca7ace96b7d713c7035871441bd52efbe39e27e...ce28f5bb42b7a9f2c824e633a3f6ee835bab6858">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.4 to 1.3.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.5</h2> <p>v1.3.5: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a> - Update linkspector version to 0.4.5</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/e2ccef58c4b9eb89cd71ee23a8629744bba75aa6"><code>e2ccef5</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/45">#45</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/6cc23b20f1b7de3860f639255ccebc2b6428c62e"><code>6cc23b2</code></a> Update linkspector version to 0.4.5</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/a0567ce1c7c13de4a2358587492ed43cab5d0102...e2ccef58c4b9eb89cd71ee23a8629744bba75aa6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-06-16 12:39:39 +00:00
dependabot[bot]	0a26eeec0c	ci: bump the github-actions group with 7 updates (#17581 ) Bumps the github-actions group with 7 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.11.1` \| `2.12.0` \| \| [google-github-actions/auth](https://github.com/google-github-actions/auth) \| `2.1.8` \| `2.1.10` \| \| [actions/download-artifact](https://github.com/actions/download-artifact) \| `4.2.1` \| `4.3.0` \| \| [actions/attest](https://github.com/actions/attest) \| `2.2.1` \| `2.3.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `9934ab3fdf63239da75d9e0fbd339c48620c72c4` \| `5426ecc3f5c2b10effaefbd374f0abdc6a571b2f` \| \| [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action) \| `6.1.2` \| `6.1.3` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.15` \| `3.28.16` \| Updates `step-security/harden-runner` from 2.11.1 to 2.12.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.0</h2> <h2>What's Changed</h2> <ol> <li> <p>A new option, <code>disable-sudo-and-containers</code>, is now available to replace the <code>disable-sudo policy</code>, addressing Docker-based privilege escalation (<a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>). More details can be found in this <a href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog post</a>.</p> </li> <li> <p>New detections have been added based on insights from the tj-actions and reviewdog actions incidents.</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a> from step-security/rc-20</li> <li><a href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a> Update action.yml</li> <li><a href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a> Update agent versions</li> <li><a href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a> fix disable_sudo_and_containers bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a> fix journalctl related bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a> from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li> <li><a href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a> fix: run sudo command only when both disable-sudo and disable-sudo-and-docker...</li> <li><a href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a> Update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare view</a></li> </ul> </details> <br /> Updates `google-github-actions/auth` from 2.1.8 to 2.1.10 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google-github-actions/auth/releases">google-github-actions/auth's releases</a>.</em></p> <blockquote> <h2>v2.1.10</h2> <h2>What's Changed</h2> <ul> <li>Declare workflow permissions by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/482">google-github-actions/auth#482</a></li> <li>Document that the OIDC token expires in 5min by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/483">google-github-actions/auth#483</a></li> <li>Release: v2.1.10 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/484">google-github-actions/auth#484</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10">https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10</a></p> <h2>v2.1.9</h2> <h2>What's Changed</h2> <ul> <li>Use our custom boolean parsing by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/478">google-github-actions/auth#478</a></li> <li>Update deps by <a href="https://github.com/sethvargo"><code>@sethvargo</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/479">google-github-actions/auth#479</a></li> <li>Release: v2.1.9 by <a href="https://github.com/google-github-actions-bot"><code>@google-github-actions-bot</code></a> in <a href="https://redirect.github.com/google-github-actions/auth/pull/480">google-github-actions/auth#480</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9">https://github.com/google-github-actions/auth/compare/v2.1.8...v2.1.9</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google-github-actions/auth/commit/ba79af03959ebeac9769e648f473a284504d9193"><code>ba79af0</code></a> Release: v2.1.10 (<a href="https://redirect.github.com/google-github-actions/auth/issues/484">#484</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/bfaa66bd663615688155de119a676d67396f6bb7"><code>bfaa66b</code></a> Document that the OIDC token expires in 5min (<a href="https://redirect.github.com/google-github-actions/auth/issues/483">#483</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/d0822ad9bf77d35dee590e455d9ef5b96ccb243c"><code>d0822ad</code></a> Declare workflow permissions (<a href="https://redirect.github.com/google-github-actions/auth/issues/482">#482</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/7b53cdc2a387814ed14eec026287aac689ae8c9b"><code>7b53cdc</code></a> Release: v2.1.9 (<a href="https://redirect.github.com/google-github-actions/auth/issues/480">#480</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/a9cfddf5d2f27aa426027a399f75d209953ade8e"><code>a9cfddf</code></a> Update deps (<a href="https://redirect.github.com/google-github-actions/auth/issues/479">#479</a>)</li> <li><a href="https://github.com/google-github-actions/auth/commit/b011f3988e66cb193db0f34974b1d7cde74e4f95"><code>b011f39</code></a> Use our custom boolean parsing (<a href="https://redirect.github.com/google-github-actions/auth/issues/478">#478</a>)</li> <li>See full diff in <a href="https://github.com/google-github-actions/auth/compare/71f986410dfbc7added4569d411d040a91dc6935...ba79af03959ebeac9769e648f473a284504d9193">compare view</a></li> </ul> </details> <br /> Updates `actions/download-artifact` from 4.2.1 to 4.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>feat: implement new <code>artifact-ids</code> input by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> <li>Fix workflow example for downloading by artifact ID by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li> <li>Prep for v4.3.0 release by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a> from actions/robherley/v4.3.0</li> <li><a href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a> prep for v4.3.0 release</li> <li><a href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a> from actions/joshmgross/download-by-id-example</li> <li><a href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a> Remove path filters from Check dist workflow</li> <li><a href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a> Fix workflow example for downloading by artifact ID</li> <li><a href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a> from actions/download-by-id</li> <li><a href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a> add supporting unit tests for artifact downloads with ids</li> <li><a href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a> revert <code>getArtifact()</code> changes - for now we have to list and filter by artifa...</li> <li><a href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a> bundle</li> <li><a href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a> use the same <code>artifactClient.getArtifact</code> structure as seen above in `isSingl...</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare view</a></li> </ul> </details> <br /> Updates `actions/attest` from 2.2.1 to 2.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/attest/releases">actions/attest's releases</a>.</em></p> <blockquote> <h2>v2.3.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@octokit/request</code> from 8.2.0 to 8.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/attest/pull/229">actions/attest#229</a></li> <li>Bump <code>@sigstore/oci</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/attest/pull/235">actions/attest#235</a> <ul> <li>Adds support for reading the <code>HttpHeaders</code> value from the Docker config file</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/attest/compare/v2...v2.3.0">https://github.com/actions/attest/compare/v2...v2.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/attest/commit/afd638254319277bb3d7f0a234478733e2e46a73"><code>afd6382</code></a> Bump <code>@sigstore/oci</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/attest/issues/235">#235</a>)</li> <li><a href="https://github.com/actions/attest/commit/d73111199c05526c91684e5e845606249f88accc"><code>d731111</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/234">#234</a>)</li> <li><a href="https://github.com/actions/attest/commit/13aa4f6a9ce09dcf318f1ac18a48388699d96a62"><code>13aa4f6</code></a> Bump <code>@octokit/request</code> from 8.2.0 to 8.4.1 (<a href="https://redirect.github.com/actions/attest/issues/229">#229</a>)</li> <li><a href="https://github.com/actions/attest/commit/129b656e44fad75bb154cc2953cf07ba1da8a419"><code>129b656</code></a> Bump the npm-development group with 3 updates (<a href="https://redirect.github.com/actions/attest/issues/227">#227</a>)</li> <li><a href="https://github.com/actions/attest/commit/f3c169c8df83481993e3075060fc687e87747125"><code>f3c169c</code></a> Bump the npm-development group with 5 updates (<a href="https://redirect.github.com/actions/attest/issues/225">#225</a>)</li> <li><a href="https://github.com/actions/attest/commit/48e991bfda5b806f66f0a2ad8ae4e17f14cdfd33"><code>48e991b</code></a> Bump the npm-development group across 1 directory with 6 updates (<a href="https://redirect.github.com/actions/attest/issues/223">#223</a>)</li> <li>See full diff in <a href="https://github.com/actions/attest/compare/a63cfcc7d1aab266ee064c58250cfc2c7d07bc31...afd638254319277bb3d7f0a234478733e2e46a73">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 9934ab3fdf63239da75d9e0fbd339c48620c72c4 to 5426ecc3f5c2b10effaefbd374f0abdc6a571b2f <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/5426ecc3f5c2b10effaefbd374f0abdc6a571b2f"><code>5426ecc</code></a> chore(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2545">#2545</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/513a44e6095ccea82c33927169db11eb75f72791"><code>513a44e</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.14.1 to 22.15.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2544">#2544</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/46e217dc3e3b2601594036314ca9212588075592"><code>46e217d</code></a> chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2542">#2542</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/c34c1c13a740b06851baff92ab9a653d93ad6ce7"><code>c34c1c1</code></a> chore(deps): bump actions/setup-node from 4.3.0 to 4.4.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2539">#2539</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/52c3beb9971d42006b24e86bf3ea3fff18dde67f"><code>52c3beb</code></a> chore(deps-dev): bump ts-jest from 29.3.1 to 29.3.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2536">#2536</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/ea3010bc88ae93076e154efd9eb64d1f5e6993f9"><code>ea3010b</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.14.0 to 22.14.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2537">#2537</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/be393a90381e27c9fec2c8c2e02b00f005710145"><code>be393a9</code></a> remove: commit and push step from build job (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2538">#2538</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9b4bb2bedb217d3ede225b6b07ebde713177cd8f"><code>9b4bb2b</code></a> chore(deps): bump tj-actions/branch-names from 8.1.0 to 8.2.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2535">#2535</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/changed-files/compare/9934ab3fdf63239da75d9e0fbd339c48620c72c4...5426ecc3f5c2b10effaefbd374f0abdc6a571b2f">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 6.1.2 to 6.1.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v6.1.3</h2> <h2>Fixes</h2> <ul> <li>Use <code>bigint</code> instead of <code>number</code> for the store size (<a href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a>)</li> <li>Fix saving a cache (<a href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/135667ec418502fa5a3598af6fb9eb733888ce6a"><code>135667e</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/122">#122</a> from nix-community/118-bug-cant-save-a-cache</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/e29de90a039b410e88cd97a0029c3cbdad611ad5"><code>e29de90</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/6bd39b8caa31871d2bc38356ab8b94621ca1e116"><code>6bd39b8</code></a> fix(action): use TarCommandModifiers</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/1b6f6754d3c59414aad4ab660cd611b1e35c0232"><code>1b6f675</code></a> chore(deps): update buildjet/toolkit</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/2b45b8cabe18b0f3db2eb2cf4e195238eee4a325"><code>2b45b8c</code></a> chore(deps): update actions/toolkit</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/f68581e27a06c8c9115dec37e42325d562d9664b"><code>f68581e</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/b6406dc6e7f9c6ad6b399ed561f29f7e406544d5"><code>b6406dc</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/117">#117</a> from nix-community/116-bug-inputsgcmaxstoresizevalue-...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/a91821953137cbb5f2a2d45fa174d69fea427ef4"><code>a918219</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c6081efc5157c972934491630ade96e53259023c"><code>c6081ef</code></a> feat(ci): add example of large gc-max-store-size</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/cf6af9e3e9fb402a3b92286b7c8b48afa94de5a6"><code>cf6af9e</code></a> fix(action): use bigint for the store size</li> <li>Additional commits viewable in <a href="https://github.com/nix-community/cache-nix-action/compare/c448f065ba14308da81de769632ca67a3ce67cf5...135667ec418502fa5a3598af6fb9eb733888ce6a">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.15 to 3.28.16 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.16</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.16/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.16 - 23 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.1. <a href="https://redirect.github.com/github/codeql-action/pull/2863">#2863</a></li> </ul> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/28deaeda66b76a05916b6923827895f2b14ab387"><code>28deaed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2865">#2865</a> from github/update-v3.28.16-2a8cbadc0</li> <li><a href="https://github.com/github/codeql-action/commit/03c5d71c11f6cb2c5ba7eef371219a862be30193"><code>03c5d71</code></a> Update changelog for v3.28.16</li> <li><a href="https://github.com/github/codeql-action/commit/2a8cbadc02bb64a7fd15d37c977acbad02496c80"><code>2a8cbad</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2863">#2863</a> from github/update-bundle/codeql-bundle-v2.21.1</li> <li><a href="https://github.com/github/codeql-action/commit/f76eaf51a636a5c1d927998267d92d6475363ace"><code>f76eaf5</code></a> Add changelog note</li> <li><a href="https://github.com/github/codeql-action/commit/e63b3f5166c15fda4eb17886f01abe9445dd13f5"><code>e63b3f5</code></a> Update default bundle to codeql-bundle-v2.21.1</li> <li><a href="https://github.com/github/codeql-action/commit/4c3e5362829f0b0bb62ff5f6c938d7f95574c306"><code>4c3e536</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2853">#2853</a> from github/dependabot/npm_and_yarn/npm-7d84c66b66</li> <li><a href="https://github.com/github/codeql-action/commit/56dd02f26d99811d607284494ff84b7d862fe837"><code>56dd02f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2852">#2852</a> from github/dependabot/github_actions/actions-457587...</li> <li><a href="https://github.com/github/codeql-action/commit/192406dd845fb2228fcea74898b98df2a6cdcef6"><code>192406d</code></a> Merge branch 'main' into dependabot/github_actions/actions-4575878e06</li> <li><a href="https://github.com/github/codeql-action/commit/c7dbb2084ed1bb623fbbb3976cd6dbae6daaf1fe"><code>c7dbb20</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2857">#2857</a> from github/nickfyson/address-vulns</li> <li><a href="https://github.com/github/codeql-action/commit/9a45cd8c5025281c30bbb652197ace083c291e49"><code>9a45cd8</code></a> move use of input variables into env vars</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...28deaeda66b76a05916b6923827895f2b14ab387">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-04-28 13:22:26 +00:00
dependabot[bot]	fa594f4f6a	ci: bump the github-actions group across 1 directory with 8 updates (#17377 ) Bumps the github-actions group with 8 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [step-security/harden-runner](https://github.com/step-security/harden-runner) \| `2.11.0` \| `2.11.1` \| \| [crate-ci/typos](https://github.com/crate-ci/typos) \| `1.29.10` \| `1.31.1` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.7.0` \| `4.7.1` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` \| `9934ab3fdf63239da75d9e0fbd339c48620c72c4` \| \| [tj-actions/branch-names](https://github.com/tj-actions/branch-names) \| `8.1.0` \| `8.2.1` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.28.12` \| `3.28.15` \| \| [coder/start-workspace-action](https://github.com/coder/start-workspace-action) \| `26d3600161d67901f24d8612793d3b82771cde2d` \| `35a4608cefc7e8cc56573cae7c3b85304575cb72` \| \| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) \| `1.3.2` \| `1.3.4` \| Updates `step-security/harden-runner` from 2.11.0 to 2.11.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.1</h2> <h2>What's Changed</h2> <ul> <li>cache: add support for GitHub Actions cache v2 by <a href="https://github.com/h0x0er"><code>@h0x0er</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a> from step-security/rc-19</li> <li><a href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a> Improve error handling</li> <li><a href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a> from h0x0er/jatin/cache-fix</li> <li><a href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a> cache: added support for cache v2</li> <li><a href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a> from step-security/fix/security/GHSA-968p-4wvh-cqc8</li> <li><a href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a> Address vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a> Update README (<a href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a> Update Readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a> Update readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a> from vorburger/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.29.10 to 1.31.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.31.1</h2> <h2>[1.31.1] - 2025-03-31</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Also correct <code>typ</code> to <code>type</code></li> </ul> <h2>v1.31.0</h2> <h2>[1.31.0] - 2025-03-28</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1266">March 2025</a> changes</li> </ul> <h2>v1.30.3</h2> <h2>[1.30.3] - 2025-03-24</h2> <h3>Features</h3> <ul> <li>Support detecting <code>go.work</code> and <code>go.work.sum</code> files</li> </ul> <h2>v1.30.2</h2> <h2>[1.30.2] - 2025-03-10</h2> <h3>Features</h3> <ul> <li>Add <code>--highlight-words</code> and <code>--highlight-identifiers</code> for easier debugging of config</li> </ul> <h2>v1.30.1</h2> <h2>[1.30.1] - 2025-03-04</h2> <h3>Features</h3> <ul> <li><em>(action)</em> Create <code>v1</code> tag</li> </ul> <h2>v1.30.0</h2> <h2>[1.30.0] - 2025-03-01</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1221">February 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.31.1] - 2025-03-31</h2> <h3>Fixes</h3> <ul> <li><em>(dict)</em> Also correct <code>typ</code> to <code>type</code></li> </ul> <h2>[1.31.0] - 2025-03-28</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1266">March 2025</a> changes</li> </ul> <h2>[1.30.3] - 2025-03-24</h2> <h3>Features</h3> <ul> <li>Support detecting <code>go.work</code> and <code>go.work.sum</code> files</li> </ul> <h2>[1.30.2] - 2025-03-10</h2> <h3>Features</h3> <ul> <li>Add <code>--highlight-words</code> and <code>--highlight-identifiers</code> for easier debugging of config</li> </ul> <h2>[1.30.1] - 2025-03-04</h2> <h3>Features</h3> <ul> <li><em>(action)</em> Create <code>v1</code> tag</li> </ul> <h2>[1.30.0] - 2025-03-01</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1221">February 2025</a> changes</li> </ul> <h2>[1.29.10] - 2025-02-25</h2> <h3>Fixes</h3> <ul> <li>Also correct <code>contaminent</code> as <code>contaminant</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/b1a1ef3893ff35ade0cfa71523852a49bfd05d19"><code>b1a1ef3</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/9c8a2c384f9b92ac5e7166040a1571141e271e7a"><code>9c8a2c3</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/12195d75fea9498ad83cb8d85e357a986e90fb7e"><code>12195d7</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1267">#1267</a> from epage/type</li> <li><a href="https://github.com/crate-ci/typos/commit/d4dbe5f77bde37609ce3424df4a713a61f87ad2b"><code>d4dbe5f</code></a> fix(dict): Also correct typ to type</li> <li><a href="https://github.com/crate-ci/typos/commit/718c4ff697435edabd4f1c52c3775521adbb33a3"><code>718c4ff</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/bfbf137ed65f9abe0e9a3a92a354a787ca084240"><code>bfbf137</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/d47e90e4ffad8924461124c3b3787e220b811956"><code>d47e90e</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/0694c2a98227bebeefdfff96f2086480295d00a5"><code>0694c2a</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1266">#1266</a> from epage/march</li> <li><a href="https://github.com/crate-ci/typos/commit/f715ca8b0824515b13e3e51ed80c8a255d8a7d07"><code>f715ca8</code></a> feat(dict): March 2025 updates</li> <li><a href="https://github.com/crate-ci/typos/commit/d08e4083f112e684fb88f6babd9ae60a1f1cd84f"><code>d08e408</code></a> chore: Release</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/db35ee91e80fbb447f33b0e5fbddb24d2a1a884f...b1a1ef3893ff35ade0cfa71523852a49bfd05d19">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.7.0 to 4.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.1</h2> <h2>What's Changed</h2> <h3>Documentation changes</h3> <ul> <li>Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li> <li>Remove duplicated GraalVM section in documentation by <a href="https://github.com/Marcono1234"><code>@Marcono1234</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li> <li>Upgrade <code>@actions/glob</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li> <li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li> <li>Upgrade <code>@action/cache</code> to 4.0.3 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a> actions/cache upgrade to 4.0.3 (<a href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a> Bump ts-jest from 29.1.2 to 29.2.5 (<a href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a> Bump <code>@actions/glob</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a> Remove duplicated GraalVM section in documentation (<a href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a> upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 (<a href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a> Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Ali...</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 to 9934ab3fdf63239da75d9e0fbd339c48620c72c4 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a> - (2025-04-09)</h1> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>) - (dependabot[bot])</li> <li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>) (<a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>) - (dependabot[bot])</li> <li><strong>deps:</strong> Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>) - (dependabot[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a> - (2025-04-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Bug modified_keys and changed_key outputs not set when no changes detected (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update readme (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>) (<a href="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v46.0.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> Co-authored-by: Tonye Jack <a href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>) - (github-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>) - (github-actions[bot])</p> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/9934ab3fdf63239da75d9e0fbd339c48620c72c4"><code>9934ab3</code></a> chore(deps-dev): bump eslint-config-prettier from 10.1.1 to 10.1.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2532">#2532</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/db731a131ccd81ed52a3d463b6d2a4b2856c7ec9"><code>db731a1</code></a> Upgraded to v46.0.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2531">#2531</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c"><code>ed68ef8</code></a> chore(deps): bump yaml from 2.7.0 to 2.7.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5"><code>a7bc14b</code></a> chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab"><code>3d751f6</code></a> chore(deps-dev): bump <code>@types/node</code> from 22.13.11 to 22.14.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f"><code>e2fda4e</code></a> chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48"><code>0bed1b1</code></a> chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb"><code>6802458</code></a> chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792"><code>cf2e39e</code></a> chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4"><code>6abeaa5</code></a> chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99...9934ab3fdf63239da75d9e0fbd339c48620c72c4">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/branch-names` from 8.1.0 to 8.2.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/releases">tj-actions/branch-names's releases</a>.</em></p> <blockquote> <h2>v8.2.1</h2> <h2>What's Changed</h2> <ul> <li>fix: update sync-release-version.yml to sign commits by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/416">tj-actions/branch-names#416</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1</a></p> <h2>v8.2.0</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v8.1.0 by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/410">tj-actions/branch-names#410</a></li> <li>feat: add support for replace forward slashes with hyphens by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/412">tj-actions/branch-names#412</a></li> <li>chore: update update-readme.yml by <a href="https://github.com/jackton1"><code>@jackton1</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/414">tj-actions/branch-names#414</a></li> <li>Updated README.md by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/github-actions"><code>@github-actions</code></a> made their first contribution in <a href="https://redirect.github.com/tj-actions/branch-names/pull/415">tj-actions/branch-names#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/branch-names/compare/v8...v8.2.0">https://github.com/tj-actions/branch-names/compare/v8...v8.2.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/branch-names/blob/main/HISTORY.md">tj-actions/branch-names's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.2.0...v8.2.1">8.2.1</a> - (2025-04-11)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Update sync-release-version.yml to sign commits (<a href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>) (<a href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8">dde14ac</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.1.0...v8.2.0">8.2.0</a> - (2025-04-11)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add support for replace forward slashes with hyphens (<a href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>) (<a href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df">af40635</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Deleted .github/workflows/rebase.yml (<a href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868">c209967</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420">47dfeca</a>) - (github-actions[bot])</p> <ul> <li>Update update-readme.yml (<a href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db">c9cf6f9</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update update-readme.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>) (<a href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c">b1f61bc</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded from v8.0.2 -> v8.1.0 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf">9601220</a>) - (Tonye Jack)</p> <h1><a href="https://github.com/tj-actions/branch-names/compare/v8.0.2...v8.1.0">8.1.0</a> - (2025-03-23)</h1> <h2><!-- raw HTML omitted -->🚀 Features</h2> <ul> <li>Add support for strip_branch_prefix (<a href="https://redirect.github.com/tj-actions/branch-names/issues/406">#406</a>) (<a href="https://github.com/tj-actions/branch-names/commit/c83c87ab5379a8ff88c905ea78c391c0d53972ac">c83c87a</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/408">#408</a>)</li> </ul> <p>(<a href="https://github.com/tj-actions/branch-names/commit/d18e657ed32f367301fdebeb9a88b7e5539f3052">d18e657</a>) - (Tonye Jack)</p> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li>Update test.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/409">#409</a>) (<a href="https://github.com/tj-actions/branch-names/commit/f44339b51f74753b57583fbbd124e18a81170ab1">f44339b</a>) - (Tonye Jack)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/branch-names/commit/dde14ac574a8b9b1cedc59a1cf312788af43d8d8"><code>dde14ac</code></a> fix: update sync-release-version.yml to sign commits (<a href="https://redirect.github.com/tj-actions/branch-names/issues/416">#416</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/47dfecabcf7a70329c1d7fc49d56ce56739c5420"><code>47dfeca</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/branch-names/issues/415">#415</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c9cf6f9a0e21d41fb9acf4025894c022a1dd22db"><code>c9cf6f9</code></a> Update update-readme.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/b1f61bc147718240eda9ab8a823f836416ab297c"><code>b1f61bc</code></a> chore: update update-readme.yml (<a href="https://redirect.github.com/tj-actions/branch-names/issues/414">#414</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/af406356b42c0855d5d112babee4a0b76ee630df"><code>af40635</code></a> feat: add support for replace forward slashes with hyphens (<a href="https://redirect.github.com/tj-actions/branch-names/issues/412">#412</a>)</li> <li><a href="https://github.com/tj-actions/branch-names/commit/c209967c9a91450d7dced6e5adc3c61ca030c868"><code>c209967</code></a> Deleted .github/workflows/rebase.yml</li> <li><a href="https://github.com/tj-actions/branch-names/commit/96012203a066021edaf47a9381953d843444eacf"><code>9601220</code></a> Upgraded from v8.0.2 -> v8.1.0 (<a href="https://redirect.github.com/tj-actions/branch-names/issues/410">#410</a>)</li> <li>See full diff in <a href="https://github.com/tj-actions/branch-names/compare/f44339b51f74753b57583fbbd124e18a81170ab1...dde14ac574a8b9b1cedc59a1cf312788af43d8d8">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.28.12 to 3.28.15 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.28.15</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.15/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.14</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.14/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> <h2>v3.28.13</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.28.13/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.28.15 - 07 Apr 2025</h2> <ul> <li>Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. <a href="https://redirect.github.com/github/codeql-action/pull/2842">#2842</a></li> </ul> <h2>3.28.14 - 07 Apr 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.21.0. <a href="https://redirect.github.com/github/codeql-action/pull/2838">#2838</a></li> </ul> <h2>3.28.13 - 24 Mar 2025</h2> <p>No user facing changes.</p> <h2>3.28.12 - 19 Mar 2025</h2> <ul> <li>Dependency caching should now cache more dependencies for Java <code>build-mode: none</code> extractions. This should speed up workflows and avoid inconsistent alerts in some cases.</li> <li>Update default CodeQL bundle version to 2.20.7. <a href="https://redirect.github.com/github/codeql-action/pull/2810">#2810</a></li> </ul> <h2>3.28.11 - 07 Mar 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.6. <a href="https://redirect.github.com/github/codeql-action/pull/2793">#2793</a></li> </ul> <h2>3.28.10 - 21 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.5. <a href="https://redirect.github.com/github/codeql-action/pull/2772">#2772</a></li> <li>Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. <a href="https://redirect.github.com/github/codeql-action/pull/2768">#2768</a></li> </ul> <h2>3.28.9 - 07 Feb 2025</h2> <ul> <li>Update default CodeQL bundle version to 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/2753">#2753</a></li> </ul> <h2>3.28.8 - 29 Jan 2025</h2> <ul> <li>Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. <a href="https://redirect.github.com/github/codeql-action/pull/2744">#2744</a></li> </ul> <h2>3.28.7 - 29 Jan 2025</h2> <p>No user facing changes.</p> <h2>3.28.6 - 27 Jan 2025</h2> <ul> <li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater. <a href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/45775bd8235c68ba998cffa5171334d58593da47"><code>45775bd</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2854">#2854</a> from github/update-v3.28.15-a35ae8c38</li> <li><a href="https://github.com/github/codeql-action/commit/dd78aab4078b17a672a66d6a80a990beb672ede1"><code>dd78aab</code></a> Update CHANGELOG.md with bug fix details</li> <li><a href="https://github.com/github/codeql-action/commit/e40af591743761de70080085b4e6ce37f7f6e657"><code>e40af59</code></a> Update changelog for v3.28.15</li> <li><a href="https://github.com/github/codeql-action/commit/a35ae8c380fa35365cd546f9a397a46f60dd82cf"><code>a35ae8c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2843">#2843</a> from github/cklin/diff-informed-compat</li> <li><a href="https://github.com/github/codeql-action/commit/bb59df6c174a91d88eec1c48f2ab0ef7b5f96e99"><code>bb59df6</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2842">#2842</a> from github/henrymercer/zip64</li> <li><a href="https://github.com/github/codeql-action/commit/4b508f59648bef88ef72c74f1ffff531fda55ea8"><code>4b508f5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2845">#2845</a> from github/mergeback/v3.28.14-to-main-fc7e4a0f</li> <li><a href="https://github.com/github/codeql-action/commit/ca00afb5f1457cf1c85da6cda07d73e720ff061a"><code>ca00afb</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/2969c78ce0262bf75658058604498d2b4bdb0b9b"><code>2969c78</code></a> Update changelog and version after v3.28.14</li> <li><a href="https://github.com/github/codeql-action/commit/fc7e4a0fa01c3cca5fd6a1fddec5c0740c977aa2"><code>fc7e4a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2844">#2844</a> from github/update-v3.28.14-362ef4ce2</li> <li><a href="https://github.com/github/codeql-action/commit/be0175c800fe14dd962aaa2c97f55371f6f95b35"><code>be0175c</code></a> Update changelog for v3.28.14</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...45775bd8235c68ba998cffa5171334d58593da47">compare view</a></li> </ul> </details> <br /> Updates `coder/start-workspace-action` from 26d3600161d67901f24d8612793d3b82771cde2d to 35a4608cefc7e8cc56573cae7c3b85304575cb72 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/coder/start-workspace-action/commit/35a4608cefc7e8cc56573cae7c3b85304575cb72"><code>35a4608</code></a> update <code>github-username</code> description to specify requirement for Coder 2.21 or...</li> <li><a href="https://github.com/coder/start-workspace-action/commit/0054568c043bba479899edb91ef96a5cfca21c55"><code>0054568</code></a> clarify requirements for the <code>github-username</code> input</li> <li><a href="https://github.com/coder/start-workspace-action/commit/f3cda2e65a469e6dd60478c111c745b919c0ec68"><code>f3cda2e</code></a> fix variable names</li> <li><a href="https://github.com/coder/start-workspace-action/commit/a6a41dc1eb63a8e58dc43a97a2c2cb04ccc40b36"><code>a6a41dc</code></a> update readme</li> <li><a href="https://github.com/coder/start-workspace-action/commit/a09e31de35a1d153448ed707d63708e2a2acef3c"><code>a09e31d</code></a> more defaults for inputs</li> <li><a href="https://github.com/coder/start-workspace-action/commit/13304209b2b4449befcb6d0392693311aad1faff"><code>1330420</code></a> Add a screenshot to the README</li> <li><a href="https://github.com/coder/start-workspace-action/commit/8d0b0d4118b6fa0c504b79c06dc99f4ed024c749"><code>8d0b0d4</code></a> clarify status comment</li> <li><a href="https://github.com/coder/start-workspace-action/commit/747b408cb53f6e3440ba04f951c75077994ff95a"><code>747b408</code></a> update input descriptions</li> <li><a href="https://github.com/coder/start-workspace-action/commit/e526e6fb8e781ffacf59c6066194286a9f3cee8a"><code>e526e6f</code></a> update example action tag</li> <li><a href="https://github.com/coder/start-workspace-action/commit/212ab2f68a115ca64029be34610433cfa16a89e0"><code>212ab2f</code></a> update readme and add a license</li> <li>Additional commits viewable in <a href="https://github.com/coder/start-workspace-action/compare/26d3600161d67901f24d8612793d3b82771cde2d...35a4608cefc7e8cc56573cae7c3b85304575cb72">compare view</a></li> </ul> </details> <br /> Updates `umbrelladocs/action-linkspector` from 1.3.2 to 1.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector's releases</a>.</em></p> <blockquote> <h2>Release v1.3.4</h2> <p>v1.3.4: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a> - Update linkspector version to 0.4.4</p> <h2>Release v1.3.3</h2> <p>v1.3.3: PR <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a> - Update linkspector version to 0.4.3</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/a0567ce1c7c13de4a2358587492ed43cab5d0102"><code>a0567ce</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/42">#42</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/f5418fddbc33d4b79076fee4e41451501c6ceb0f"><code>f5418fd</code></a> Update linkspector version to 0.4.4</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/3e12ade1e0b1823455dae8cf8b4f9cc92ec7dd20"><code>3e12ade</code></a> Merge pull request <a href="https://redirect.github.com/umbrelladocs/action-linkspector/issues/41">#41</a> from UmbrellaDocs/update-linkspector-version</li> <li><a href="https://github.com/UmbrellaDocs/action-linkspector/commit/8dfab6548de1b83b975ac3262626c2d1875f59f1"><code>8dfab65</code></a> Update linkspector version to 0.4.3</li> <li>See full diff in <a href="https://github.com/umbrelladocs/action-linkspector/compare/49cf4f8da82db70e691bb8284053add5028fa244...a0567ce1c7c13de4a2358587492ed43cab5d0102">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> \| Dependency Name \| Ignore Conditions \| \| --- \| --- \| \| crate-ci/typos \| [>= 1.30.a, < 1.31] \| </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Muhammad Atif Ali <atif@coder.com>	2025-04-14 19:55:01 +00:00
dependabot[bot]	27a160d136	ci: bump the github-actions group with 4 updates (#16966 ) Bumps the github-actions group with 4 updates: [docker/login-action](https://github.com/docker/login-action), [tj-actions/changed-files](https://github.com/tj-actions/changed-files), [nix-community/cache-nix-action](https://github.com/nix-community/cache-nix-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `docker/login-action` from 3.3.0 to 3.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v3.4.0</h2> <ul> <li>Bump <code>@actions/core</code> from 1.10.1 to 1.11.1 in <a href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> to 3.766.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@aws-sdk/client-ecr-public</code> to 3.758.0 in <a href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a> <a href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in <a href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a> <a href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a> <a href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li> <li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li> <li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li> <li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/74a5d142397b4f367a81961eba4e8cd7edddf772"><code>74a5d14</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/856">#856</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li> <li><a href="https://github.com/docker/login-action/commit/2f4f00e4c6fe8a50cdd1fd618421be2e92b2f201"><code>2f4f00e</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/67c184546cf989af16f02a1b5359e4bde3cdc524"><code>67c1845</code></a> build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...</li> <li><a href="https://github.com/docker/login-action/commit/3d4cc89e85e0cac73870ab81d3b72c0b700870d1"><code>3d4cc89</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/844">#844</a> from graysonpike/master</li> <li><a href="https://github.com/docker/login-action/commit/6cc823a6c4738f797f031790fa7f982b7a8dcfdc"><code>6cc823a</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/823">#823</a> from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li> <li><a href="https://github.com/docker/login-action/commit/d94e792124647378e94c07359922f0f821a9fab2"><code>d94e792</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/033db0da3047b4d01e249d66f56ae16a2ed6af87"><code>033db0d</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/812">#812</a> from docker/dependabot/github_actions/codecov/codecov...</li> <li><a href="https://github.com/docker/login-action/commit/09c2ae9716c0bacef3c03e120a61c28adfb8595b"><code>09c2ae9</code></a> build(deps): bump https-proxy-agent</li> <li><a href="https://github.com/docker/login-action/commit/ba56f006fc7190f752d4e6e1312f85697984a229"><code>ba56f00</code></a> ci: update deprecated input for codecov-action</li> <li><a href="https://github.com/docker/login-action/commit/75bf9a79af089e9aa009972a6ecb22190a520679"><code>75bf9a7</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/858">#858</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/9780b0c442fbb1117ed29e0efdff1e18412f7567...74a5d142397b4f367a81961eba4e8cd7edddf772">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 to 531f5f7d163941f0c1c04e0ff4d8bb243ac4366f <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v46.0.0...v46.0.1">46.0.1</a> - (2025-03-16)</h1> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32">2f7c5bf</a>) - (github-actions[bot])</p> <ul> <li>Sync-release-version.yml to use signed commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee">4189ec6</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.9...v46.0.0">46.0.0</a> - (2025-03-16)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li>Update update-readme.yml to sign-commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>) (<a href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141">0f1ffe6</a>) - (Tonye Jack)</li> <li>Update permission in update-readme.yml workflow (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2467">#2467</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ddef03e37c84cfb9ee89fa055b86359aaf949c86">ddef03e</a>) - (Tonye Jack)</li> <li>Update github workflow update-readme.yml (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2466">#2466</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9c2df0d54a911c819d7368d7e5ed7c01c0796e0a">9c2df0d</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->➖ Remove</h2> <ul> <li>Deleted renovate.json (<a href="https://github.com/tj-actions/changed-files/commit/e37e952786556966c1fb6183c5937b3966bab099">e37e952</a>) - (Tonye Jack)</li> </ul> <h2><!-- raw HTML omitted -->🔄 Update</h2> <ul> <li>Sync-release-version.yml (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7">4cd184a</a>) - (Tonye Jack)</li> <li>Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li> </ul> <p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<a href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435">5cbf220</a>) - (github-actions[bot])</p> <h2><!-- raw HTML omitted -->📚 Documentation</h2> <ul> <li>Update docs to highlight security issues (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2465">#2465</a>) (<a href="https://github.com/tj-actions/changed-files/commit/65253327cf47481b4b1b4b9fea78e143a1353147">6525332</a>) - (Tonye Jack)</li> </ul> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.4...v45.0.9">45.0.9</a> - (2025-03-15)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@octokit/rest</code> to v21.1.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2435">#2435</a>) (<a href="https://github.com/tj-actions/changed-files/commit/fb8dcda5fb8954cec37773d2b275a8579c86c781">fb8dcda</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@octokit/rest</code> to v21.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2460">#2460</a>) (<a href="https://github.com/tj-actions/changed-files/commit/9200e69727eb73eb060652b19946b8a2fdfb654b">9200e69</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.10 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2459">#2459</a>) (<a href="https://github.com/tj-actions/changed-files/commit/e650cfdae513481a20f538e88d98b39106523006">e650cfd</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-config-prettier to v10.1.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2458">#2458</a>) (<a href="https://github.com/tj-actions/changed-files/commit/82af21f4a05896ca18c950539469bee225c45a89">82af21f</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-config-prettier to v10.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2457">#2457</a>) (<a href="https://github.com/tj-actions/changed-files/commit/82fa4a6402582d5c8c9c0e95b7ff7cc88992bbb4">82fa4a6</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update peter-evans/create-pull-request action to v7.0.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2455">#2455</a>) (<a href="https://github.com/tj-actions/changed-files/commit/315505acf41d2913b71af48080fb158cd01f79e7">315505a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2454">#2454</a>) (<a href="https://github.com/tj-actions/changed-files/commit/c8e1cdb9ea135ee549963c167ffaec5e7d4a71cd">c8e1cdb</a>) - (renovate[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/531f5f7d163941f0c1c04e0ff4d8bb243ac4366f"><code>531f5f7</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2479">#2479</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/dccd1949addfa3d93d458019c5495581c620b00c"><code>dccd194</code></a> doc: update README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2478">#2478</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/9237eb7a0f95c801719e6224d45095d4dda0f9bd"><code>9237eb7</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2476">#2476</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/d52b942ee0c535798f0df9e1c05683f8e818c79b"><code>d52b942</code></a> add hint to revoke leaked token (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2475">#2475</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/45fb12d7a8bedb4da42342e52fe054c6c2c3fd73"><code>45fb12d</code></a> Upgraded to v46.0.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2474">#2474</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/2f7c5bfce28377bc069a65ba478de0a74aa0ca32"><code>2f7c5bf</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2473">#2473</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4189ec62c445484531e9ad97157d990be96e88ee"><code>4189ec6</code></a> update: sync-release-version.yml to use signed commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2472">#2472</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/4cd184a1dd542b79cca1d4d7938e4154a6520ca7"><code>4cd184a</code></a> update: sync-release-version.yml (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2471">#2471</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/5cbf22026d05fbef0c027d1b1f118fe3a1b6e435"><code>5cbf220</code></a> Updated README.md (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2469">#2469</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/0f1ffe61855cb317d5fd66122c14dc0627eab141"><code>0f1ffe6</code></a> fix: update update-readme.yml to sign-commits (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2468">#2468</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8...531f5f7d163941f0c1c04e0ff4d8bb243ac4366f">compare view</a></li> </ul> </details> <br /> Updates `nix-community/cache-nix-action` from 6.1.1 to 6.1.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nix-community/cache-nix-action/releases">nix-community/cache-nix-action's releases</a>.</em></p> <blockquote> <h2>v6.1.2</h2> <h2>Fixes</h2> <ul> <li>Fix nix store database merging logic (<a href="https://redirect.github.com/nix-community/cache-nix-action/pull/84">nix-community/cache-nix-action#84</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nix-community/cache-nix-action/commit/c448f065ba14308da81de769632ca67a3ce67cf5"><code>c448f06</code></a> Merge pull request <a href="https://redirect.github.com/nix-community/cache-nix-action/issues/84">#84</a> from nix-community/82-bug-v610-and-v611-dont-seem-to-w...</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/fc908ede39799ad79a606fe33e69e88457d34ebc"><code>fc908ed</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/57dad844a98b1a6324aa4453a8a8dc9625b1acc9"><code>57dad84</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/0d5803d685b779eaef4f25299f3df35ec63d995d"><code>0d5803d</code></a> fix(action): print a message after the check</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/db360de0f846626dcb5183d838d0f1436d09c3c4"><code>db360de</code></a> chore: build the action</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/07c1e7f98e139e19f4042ac93d7a36b68012fde7"><code>07c1e7f</code></a> fix(action): join on the derivation path, not the output path</li> <li><a href="https://github.com/nix-community/cache-nix-action/commit/1b9cbefbf818ca652a08a9d1be8f18e7e2a244f7"><code>1b9cbef</code></a> fix(action): parse gc-max-store-size correctly</li> <li>See full diff in <a href="https://github.com/nix-community/cache-nix-action/compare/aee88ae5efbbeb38ac5d9862ecbebdb404a19e69...c448f065ba14308da81de769632ca67a3ce67cf5">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from 0.29.0 to 0.30.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's releases</a>.</em></p> <blockquote> <h2>v0.30.0</h2> <h2>What's Changed</h2> <ul> <li>fix: Update default trivy version in README by <a href="https://github.com/derrix060"><code>@derrix060</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li> <li>fix: typo in description of an input for action.yaml by <a href="https://github.com/yutatokoi"><code>@yutatokoi</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li> <li>Improve README/SBOM by <a href="https://github.com/AB-xdev"><code>@AB-xdev</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li> <li>chore: bump trivy to v0.60.0 by <a href="https://github.com/nikpivkin"><code>@nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/453">aquasecurity/trivy-action#453</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/derrix060"><code>@derrix060</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/444">aquasecurity/trivy-action#444</a></li> <li><a href="https://github.com/yutatokoi"><code>@yutatokoi</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/452">aquasecurity/trivy-action#452</a></li> <li><a href="https://github.com/AB-xdev"><code>@AB-xdev</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/439">aquasecurity/trivy-action#439</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0">https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.30.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5"><code>6c175e9</code></a> chore: bump trivy to v0.60.0 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/453">#453</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/53e8848d3e517db48b0e70ae4f648a12ae04fe02"><code>53e8848</code></a> Improve README/SBOM (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/439">#439</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/ef1b561207528e89045580cdc5a02032d8a544df"><code>ef1b561</code></a> fix: typo in description of an input for action.yaml (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/452">#452</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/a11da62073708815958ea6d84f5650c78a3ef85b"><code>a11da62</code></a> fix: Update default trivy version in README (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/444">#444</a>)</li> <li>See full diff in <a href="https://github.com/aquasecurity/trivy-action/compare/18f2510ee396bbf400402947b394f2dd8c87dbb0...6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-17 11:56:03 +00:00
dependabot[bot]	e39f39ee20	ci: bump the github-actions group with 2 updates (#16593 ) Bumps the github-actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [crate-ci/typos](https://github.com/crate-ci/typos). Updates `step-security/harden-runner` from 2.10.4 to 2.11.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.0</h2> <h2>What's Changed</h2> <p>Release v2.11.0 in <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> Harden-Runner Enterprise tier now supports the use of eBPF for DNS resolution and network call monitoring</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> from step-security/rc-18</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a> Add workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a> Update package-lock.json</li> <li><a href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a> Update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare view</a></li> </ul> </details> <br /> Updates `crate-ci/typos` from 1.29.5 to 1.29.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/releases">crate-ci/typos's releases</a>.</em></p> <blockquote> <h2>v1.29.7</h2> <h2>[1.29.7] - 2025-02-13</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>implementors</code></li> </ul> <h2>v1.29.6</h2> <h2>[1.29.6] - 2025-02-13</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1200">January 2025</a> changes</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's changelog</a>.</em></p> <blockquote> <h1>Change Log</h1> <p>All notable changes to this project will be documented in this file.</p> <p>The format is based on <a href="http://keepachangelog.com/">Keep a Changelog</a> and this project adheres to <a href="http://semver.org/">Semantic Versioning</a>.</p> <!-- raw HTML omitted --> <h2>[Unreleased] - ReleaseDate</h2> <h2>[1.29.7] - 2025-02-13</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>implementors</code></li> </ul> <h2>[1.29.6] - 2025-02-13</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1200">January 2025</a> changes</li> </ul> <h2>[1.29.5] - 2025-01-30</h2> <h3>Internal</h3> <ul> <li>Update a dependency</li> </ul> <h2>[1.29.4] - 2025-01-03</h2> <h2>[1.29.3] - 2025-01-02</h2> <h2>[1.29.2] - 2025-01-02</h2> <h2>[1.29.1] - 2025-01-02</h2> <h3>Fixes</h3> <ul> <li>Don't correct <code>deriver</code></li> </ul> <h2>[1.29.0] - 2024-12-31</h2> <h3>Features</h3> <ul> <li>Updated the dictionary with the <a href="https://redirect.github.com/crate-ci/typos/issues/1156">December 2024</a> changes</li> </ul> <h3>Performance</h3> <ul> <li>Sped up dictionary lookups</li> </ul> <h2>[1.28.4] - 2024-12-16</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/crate-ci/typos/commit/51f257b946f503b768e522781f56e9b7b5570d48"><code>51f257b</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/26abf5bab7c077003c530d632ba2d194dcb50eaf"><code>26abf5b</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/70356ad394aed5f2198728ae716d07306284545d"><code>70356ad</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1229">#1229</a> from epage/english</li> <li><a href="https://github.com/crate-ci/typos/commit/1121a62d94115d9a7196fbfd6920b2690cbb427f"><code>1121a62</code></a> fix(dict): Don't correct implementors</li> <li><a href="https://github.com/crate-ci/typos/commit/991878ee7836dc567b3478ec87191e3bd2e3db73"><code>991878e</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/c89d673ca19e503777d7d71b76908d4dab2b5138"><code>c89d673</code></a> chore(ci): Update builder image</li> <li><a href="https://github.com/crate-ci/typos/commit/0fad3ddc6e0fedf679217dcc61886fbeabd09346"><code>0fad3dd</code></a> chore(deps): Update compatible (<a href="https://redirect.github.com/crate-ci/typos/issues/1223">#1223</a>)</li> <li><a href="https://github.com/crate-ci/typos/commit/b65799a5c4a8931f965b1d7cbabca95913c2ab0a"><code>b65799a</code></a> chore: Release</li> <li><a href="https://github.com/crate-ci/typos/commit/2c0968908d0d79fa0acaa67f017f9b539fab24c5"><code>2c09689</code></a> docs: Update changelog</li> <li><a href="https://github.com/crate-ci/typos/commit/4af6a01f528aaca60cc5571e741ce05eb2d3f267"><code>4af6a01</code></a> Merge pull request <a href="https://redirect.github.com/crate-ci/typos/issues/1222">#1222</a> from epage/jan</li> <li>Additional commits viewable in <a href="https://github.com/crate-ci/typos/compare/11ca4583f2f3f74c7e7785c0ecb20fe2c99a4308...51f257b946f503b768e522781f56e9b7b5570d48">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-17 12:49:20 +00:00
dependabot[bot]	7177fa0d7c	ci: bump the github-actions group with 5 updates (#16448 ) Bumps the github-actions group with 5 updates: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/checkout](https://github.com/actions/checkout) \| `4.2.0` \| `4.2.2` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.4.1` \| `4.6.0` \| \| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) \| `45.0.6` \| `45.0.7` \| \| [actions/setup-java](https://github.com/actions/setup-java) \| `4.4.0` \| `4.7.0` \| \| [actions/stale](https://github.com/actions/stale) \| `9.0.0` \| `9.1.0` \| Updates `actions/checkout` from 4.2.0 to 4.2.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.2.2</h2> <h2>What's Changed</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/11bd71901bbe5b1630ceea73d27597364c9af683"><code>11bd719</code></a> Prepare 4.2.2 Release (<a href="https://redirect.github.com/actions/checkout/issues/1953">#1953</a>)</li> <li><a href="https://github.com/actions/checkout/commit/e3d2460bbb42d7710191569f88069044cfb9d8cf"><code>e3d2460</code></a> Expand unit test coverage (<a href="https://redirect.github.com/actions/checkout/issues/1946">#1946</a>)</li> <li><a href="https://github.com/actions/checkout/commit/163217dfcd28294438ea1c1c149cfaf66eec283e"><code>163217d</code></a> <code>url-helper.ts</code> now leverages well-known environment variables. (<a href="https://redirect.github.com/actions/checkout/issues/1941">#1941</a>)</li> <li><a href="https://github.com/actions/checkout/commit/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871"><code>eef6144</code></a> Prepare 4.2.1 release (<a href="https://redirect.github.com/actions/checkout/issues/1925">#1925</a>)</li> <li><a href="https://github.com/actions/checkout/commit/6b42224f41ee5dfe5395e27c8b2746f1f9955030"><code>6b42224</code></a> Add workflow file for publishing releases to immutable action package (<a href="https://redirect.github.com/actions/checkout/issues/1919">#1919</a>)</li> <li><a href="https://github.com/actions/checkout/commit/de5a000abf73b6f4965bd1bcdf8f8d94a56ea815"><code>de5a000</code></a> Check out other refs/* by commit if provided, fall back to ref (<a href="https://redirect.github.com/actions/checkout/issues/1924">#1924</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v4.2.0...11bd71901bbe5b1630ceea73d27597364c9af683">compare view</a></li> </ul> </details> <br /> Updates `actions/upload-artifact` from 4.4.1 to 4.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.0</h2> <h2>What's Changed</h2> <ul> <li>Expose env vars to control concurrency and timeout by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/662">actions/upload-artifact#662</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.0">https://github.com/actions/upload-artifact/compare/v4...v4.6.0</a></p> <h2>v4.5.0</h2> <h2>What's Changed</h2> <ul> <li>fix: deprecated <code>Node.js</code> version in action by <a href="https://github.com/hamirmahal"><code>@hamirmahal</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li> <li>Add new <code>artifact-digest</code> output by <a href="https://github.com/bdehamer"><code>@bdehamer</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hamirmahal"><code>@hamirmahal</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/578">actions/upload-artifact#578</a></li> <li><a href="https://github.com/bdehamer"><code>@bdehamer</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/656">actions/upload-artifact#656</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0">https://github.com/actions/upload-artifact/compare/v4.4.3...v4.5.0</a></p> <h2>v4.4.3</h2> <h2>What's Changed</h2> <ul> <li>Undo indirect dependency updates from <a href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/632">actions/upload-artifact#632</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3">https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3</a></p> <h2>v4.4.2</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/artifact</code> to 2.1.11 by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/627">actions/upload-artifact#627</a> <ul> <li>Includes fix for relative symlinks not resolving properly</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2">https://github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08"><code>65c4c4a</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/662">#662</a> from actions/yacaovsnc/add_variable_for_concurrency_a...</li> <li><a href="https://github.com/actions/upload-artifact/commit/020761922861c5b0a0a9b98ae4adccf1f675862c"><code>0207619</code></a> move files back to satisfy licensed ci</li> <li><a href="https://github.com/actions/upload-artifact/commit/1ecca81102de35b6c140e930a09ea6144c27abf1"><code>1ecca81</code></a> licensed cache updates</li> <li><a href="https://github.com/actions/upload-artifact/commit/97422693d3a0493fc2d725fe8c0ac1c1097e9128"><code>9742269</code></a> Expose env vars to controll concurrency and timeout</li> <li><a href="https://github.com/actions/upload-artifact/commit/6f51ac03b9356f520e9adb1b1b7802705f340c2b"><code>6f51ac0</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/656">#656</a> from bdehamer/bdehamer/artifact-digest</li> <li><a href="https://github.com/actions/upload-artifact/commit/c40c16d999899d3642ba1597014ba7ef8ff611e7"><code>c40c16d</code></a> add new artifact-digest output</li> <li><a href="https://github.com/actions/upload-artifact/commit/735efb4a0a50bb1a533b000483f2d0a23effbd26"><code>735efb4</code></a> bump <code>@actions/artifact</code> from 2.1.11 to 2.2.0</li> <li><a href="https://github.com/actions/upload-artifact/commit/184d73b71b93c222403b2e7f1ffebe4508014249"><code>184d73b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/578">#578</a> from hamirmahal/fix/deprecated-nodejs-usage-in-action</li> <li><a href="https://github.com/actions/upload-artifact/commit/b4a0a984a056f94abb1db07895e844b9422e1e41"><code>b4a0a98</code></a> Merge branch 'main' into fix/deprecated-nodejs-usage-in-action</li> <li><a href="https://github.com/actions/upload-artifact/commit/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882"><code>b4b15b8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/632">#632</a> from actions/joshmgross/undo-dependency-changes</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v4.4.1...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08">compare view</a></li> </ul> </details> <br /> Updates `tj-actions/changed-files` from 45.0.6 to 45.0.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's releases</a>.</em></p> <blockquote> <h2>v45.0.7</h2> <h2>What's Changed</h2> <ul> <li>Upgraded to v45.0.6 by <a href="https://github.com/tj-actions-bot"><code>@tj-actions-bot</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2389">tj-actions/changed-files#2389</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2390">tj-actions/changed-files#2390</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.5 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2392">tj-actions/changed-files#2392</a></li> <li>chore(deps): update dependency typescript to v5.7.3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2393">tj-actions/changed-files#2393</a></li> <li>fix(deps): update dependency <code>@octokit/rest</code> to v21.1.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2394">tj-actions/changed-files#2394</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2395">tj-actions/changed-files#2395</a></li> <li>chore(deps): update dependency eslint-config-prettier to v10 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2396">tj-actions/changed-files#2396</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2397">tj-actions/changed-files#2397</a></li> <li>chore(deps): update dependency eslint-plugin-prettier to v5.2.2 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2399">tj-actions/changed-files#2399</a></li> <li>chore(deps): update dependency eslint-plugin-jest to v28.11.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2400">tj-actions/changed-files#2400</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.7 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2403">tj-actions/changed-files#2403</a></li> <li>chore(deps): update dependency eslint-plugin-prettier to v5.2.3 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2405">tj-actions/changed-files#2405</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2406">tj-actions/changed-files#2406</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.8 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2407">tj-actions/changed-files#2407</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.9 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2408">tj-actions/changed-files#2408</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.10.10 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2409">tj-actions/changed-files#2409</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2410">tj-actions/changed-files#2410</a></li> <li>chore(deps): update actions/setup-node action to v4.2.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2411">tj-actions/changed-files#2411</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.6 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2413">tj-actions/changed-files#2413</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.12.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2414">tj-actions/changed-files#2414</a></li> <li>chore(deps): update dependency <code>@types/lodash</code> to v4.17.15 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2415">tj-actions/changed-files#2415</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.7 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2417">tj-actions/changed-files#2417</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.13.0 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2419">tj-actions/changed-files#2419</a></li> <li>chore(deps): lock file maintenance by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2420">tj-actions/changed-files#2420</a></li> <li>chore(deps): update dependency <code>@types/node</code> to v22.13.1 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2422">tj-actions/changed-files#2422</a></li> <li>chore(deps): update dependency eslint-plugin-github to v5.1.8 by <a href="https://github.com/renovate"><code>@renovate</code></a> in <a href="https://redirect.github.com/tj-actions/changed-files/pull/2424">tj-actions/changed-files#2424</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/tj-actions/changed-files/compare/v45...v45.0.7">https://github.com/tj-actions/changed-files/compare/v45...v45.0.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.6...v45.0.7">45.0.7</a> - (2025-02-04)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@octokit/rest</code> to v21.1.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2394">#2394</a>) (<a href="https://github.com/tj-actions/changed-files/commit/7b72c97d739f955f5cadca0d59799d826ae9f6c9">7b72c97</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2424">#2424</a>) (<a href="https://github.com/tj-actions/changed-files/commit/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8">dcc7a0c</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2422">#2422</a>) (<a href="https://github.com/tj-actions/changed-files/commit/364748aaa8a1ba2cd0a06c35e27f0b736cce57d1">364748a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2420">#2420</a>) (<a href="https://github.com/tj-actions/changed-files/commit/301bed650e89313e46f9582591f9a1f4839f2826">301bed6</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2419">#2419</a>) (<a href="https://github.com/tj-actions/changed-files/commit/be1c47003f1f9dedb4436e1e87dfdedd6f97f4c9">be1c470</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.7 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2417">#2417</a>) (<a href="https://github.com/tj-actions/changed-files/commit/81785a6716d8354b3886445dd0c2f91e44a0af5a">81785a6</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/lodash</code> to v4.17.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2415">#2415</a>) (<a href="https://github.com/tj-actions/changed-files/commit/065e671731666959f9ea1bbbb7ddb8363a8ae9cd">065e671</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.12.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2414">#2414</a>) (<a href="https://github.com/tj-actions/changed-files/commit/45cd7f3ddd3d2ba2e885acb6245710a72c096704">45cd7f3</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2413">#2413</a>) (<a href="https://github.com/tj-actions/changed-files/commit/47f21ba55840bf5f5d6ed605352ecd7f2508cbe2">47f21ba</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update actions/setup-node action to v4.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2411">#2411</a>) (<a href="https://github.com/tj-actions/changed-files/commit/3b3041225bddb25fd9637f44aa4e9a5178c6792e">3b30412</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2410">#2410</a>) (<a href="https://github.com/tj-actions/changed-files/commit/eec6665cfdd8cb363f41d1adb498ad670105e5ea">eec6665</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.10 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2409">#2409</a>) (<a href="https://github.com/tj-actions/changed-files/commit/cefd9aa22075c8bbc7dc90a20e82a5badce77e7c">cefd9aa</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.9 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2408">#2408</a>) (<a href="https://github.com/tj-actions/changed-files/commit/6296564d94be89c91b9c9a893e3b1381b8083dfa">6296564</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2407">#2407</a>) (<a href="https://github.com/tj-actions/changed-files/commit/203f0af1aa531319a2af43d70205e12b5f73cb05">203f0af</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2406">#2406</a>) (<a href="https://github.com/tj-actions/changed-files/commit/8b824429a7b52d43be4884a6be2dea134870d55d">8b82442</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-prettier to v5.2.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2405">#2405</a>) (<a href="https://github.com/tj-actions/changed-files/commit/2b7a1ec20ef743b7bb78d0a5e55012dfb04a8f78">2b7a1ec</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.7 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2403">#2403</a>) (<a href="https://github.com/tj-actions/changed-files/commit/a2600ce61d4b9f7074622ca3a2f5e497524e6532">a2600ce</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-jest to v28.11.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2400">#2400</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5dc51d34076557d9ab904ba22d0107a7aa9c73c6">5dc51d3</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-prettier to v5.2.2 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2399">#2399</a>) (<a href="https://github.com/tj-actions/changed-files/commit/18de9f341fddb527d74abcea6acaa9430e392a60">18de9f3</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency <code>@types/node</code> to v22.10.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2397">#2397</a>) (<a href="https://github.com/tj-actions/changed-files/commit/467e54813892b0cf302b0bba54d233c861b97f1a">467e548</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-config-prettier to v10 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2396">#2396</a>) (<a href="https://github.com/tj-actions/changed-files/commit/556e62ac760c4112189f816a829a2e61965d76a0">556e62a</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2395">#2395</a>) (<a href="https://github.com/tj-actions/changed-files/commit/4f1e6b0db0fb6a8f464793eed5c37ec4a4d76011">4f1e6b0</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency typescript to v5.7.3 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2393">#2393</a>) (<a href="https://github.com/tj-actions/changed-files/commit/82deec73be8984405676feff8f0a4562b60df95c">82deec7</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Update dependency eslint-plugin-github to v5.1.5 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2392">#2392</a>) (<a href="https://github.com/tj-actions/changed-files/commit/ef7202db4d23bd79d2fb79d667a7a43ddb08b783">ef7202d</a>) - (renovate[bot])</li> <li><strong>deps:</strong> Lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2390">#2390</a>) (<a href="https://github.com/tj-actions/changed-files/commit/01c978c0f8cace666c3b0102d1c2c59bf698acdf">01c978c</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⬆️ Upgrades</h2> <ul> <li>Upgraded to v45.0.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2389">#2389</a>)</li> </ul> <p>Co-authored-by: jackton1 <a href="mailto:17484350+jackton1@users.noreply.github.com">17484350+jackton1@users.noreply.github.com</a> (<a href="https://github.com/tj-actions/changed-files/commit/ed8e9f69eea433e8fca92ad9b928ca6520d79c2a">ed8e9f6</a>) - (tj-actions[bot])</p> <h1><a href="https://github.com/tj-actions/changed-files/compare/v45.0.5...v45.0.6">45.0.6</a> - (2025-01-03)</h1> <h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2> <ul> <li><strong>deps:</strong> Update dependency yaml to v2.7.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2383">#2383</a>) (<a href="https://github.com/tj-actions/changed-files/commit/5f974c28f5044c411f0c9e7becf3f172029cf9cf">5f974c2</a>) - (renovate[bot])</li> </ul> <h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2> <ul> <li><strong>deps:</strong> Update dependency <code>@types/lodash</code> to v4.17.14 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2388">#2388</a>) (<a href="https://github.com/tj-actions/changed-files/commit/d6e91a2266cdb9d62096cebf1e8546899c6aa18f">d6e91a2</a>) - (renovate[bot])</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tj-actions/changed-files/commit/dcc7a0cba800f454d79fff4b993e8c3555bcc0a8"><code>dcc7a0c</code></a> chore(deps): update dependency eslint-plugin-github to v5.1.8 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2424">#2424</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/364748aaa8a1ba2cd0a06c35e27f0b736cce57d1"><code>364748a</code></a> chore(deps): update dependency <code>@types/node</code> to v22.13.1 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2422">#2422</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/301bed650e89313e46f9582591f9a1f4839f2826"><code>301bed6</code></a> chore(deps): lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2420">#2420</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/be1c47003f1f9dedb4436e1e87dfdedd6f97f4c9"><code>be1c470</code></a> chore(deps): update dependency <code>@types/node</code> to v22.13.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2419">#2419</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/81785a6716d8354b3886445dd0c2f91e44a0af5a"><code>81785a6</code></a> chore(deps): update dependency eslint-plugin-github to v5.1.7 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2417">#2417</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/065e671731666959f9ea1bbbb7ddb8363a8ae9cd"><code>065e671</code></a> chore(deps): update dependency <code>@types/lodash</code> to v4.17.15 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2415">#2415</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/45cd7f3ddd3d2ba2e885acb6245710a72c096704"><code>45cd7f3</code></a> chore(deps): update dependency <code>@types/node</code> to v22.12.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2414">#2414</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/47f21ba55840bf5f5d6ed605352ecd7f2508cbe2"><code>47f21ba</code></a> chore(deps): update dependency eslint-plugin-github to v5.1.6 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2413">#2413</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/3b3041225bddb25fd9637f44aa4e9a5178c6792e"><code>3b30412</code></a> chore(deps): update actions/setup-node action to v4.2.0 (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2411">#2411</a>)</li> <li><a href="https://github.com/tj-actions/changed-files/commit/eec6665cfdd8cb363f41d1adb498ad670105e5ea"><code>eec6665</code></a> chore(deps): lock file maintenance (<a href="https://redirect.github.com/tj-actions/changed-files/issues/2410">#2410</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tj-actions/changed-files/compare/d6e91a2266cdb9d62096cebf1e8546899c6aa18f...dcc7a0cba800f454d79fff4b993e8c3555bcc0a8">compare view</a></li> </ul> </details> <br /> Updates `actions/setup-java` from 4.4.0 to 4.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.0</h2> <h2>What's Changed</h2> <ul> <li>Configure Dependabot settings by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li> <li>README Update: Added a permissions section by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li> <li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li> <li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li> <li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li> <li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p> <h2>v4.6.0</h2> <h2>What's Changed</h2> <p><strong>Add-ons:</strong></p> <ul> <li>Add Support for JetBrains Runtime by <a href="https://github.com/gmitch215"><code>@gmitch215</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li> </ul> <pre lang="steps:"><code> - name: Checkout uses: actions/checkout@v4 - name: Setup-java uses: actions/setup-java@v4 with: distribution: ‘jetbrains’ java-version: '21' </code></pre> <p><strong>Bug fixes:</strong></p> <ul> <li>Fix Ubuntu-latest CI failures by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/693">actions/setup-java#693</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gmitch215"><code>@gmitch215</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.6.0">https://github.com/actions/setup-java/compare/v4...v4.6.0</a></p> <h2>v4.5.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/686">#686</a></li> </ul> <h3>Bug fixes:</h3> <ul> <li>Improve archive extraction on windows runners without powershell core and Update micromatch dependency by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/689">#689</a></li> <li>Update workflows for GraalVM and Version Enhancements by <a href="https://github.com/mahabaleshwars"><code>@mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/699">#699</a></li> <li>Refine <code>isGhes</code> logic by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/697">#697</a></li> </ul> <h3>New Contributors:</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a> Bump <code>@types/jest</code> from 29.5.12 to 29.5.14 (<a href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a> Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a> Bump <code>@actions/http-client</code> from 2.2.1 to 2.2.3 (<a href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a> Create dependabot.yml (<a href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a> Update cache from 3.2.4 to 4.0.0 (<a href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a> Update README.md (<a href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/7a6d8a8234af8eb26422e24e3006232cccaa061b"><code>7a6d8a8</code></a> Add Support for JetBrains Runtime (<a href="https://redirect.github.com/actions/setup-java/issues/637">#637</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/7136edc5e8145b3c0b6bae8f4e62706c74e76538"><code>7136edc</code></a> Fix sbt and x86 CI failures on Ubuntu-24 (<a href="https://redirect.github.com/actions/setup-java/issues/693">#693</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/8df1039502a15bceb9433410b1a100fbe190c53b"><code>8df1039</code></a> Refine <code>isGhes</code> logic (<a href="https://redirect.github.com/actions/setup-java/issues/697">#697</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/870c199c48d3d764226001e5f61002b15289795e"><code>870c199</code></a> Update workflows for GraalVM and Version Enhancements (<a href="https://redirect.github.com/actions/setup-java/issues/699">#699</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/setup-java/compare/b36c23c0d998641eff861008f374ee103c25ac73...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare view</a></li> </ul> </details> <br /> Updates `actions/stale` from 9.0.0 to 9.1.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/stale/releases">actions/stale's releases</a>.</em></p> <blockquote> <h2>v9.1.0</h2> <h2>What's Changed</h2> <ul> <li>Documentation update by <a href="https://github.com/Marukome0743"><code>@Marukome0743</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li> <li>Update undici from 5.28.2 to 5.28.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1150">actions/stale#1150</a></li> <li>Update actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1091">actions/stale#1091</a></li> <li>Update actions/publish-action from 0.2.2 to 0.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1147">actions/stale#1147</a></li> <li>Update ts-jest from 29.1.1 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1175">actions/stale#1175</a></li> <li>Update <code>@actions/core</code> from 1.10.1 to 1.11.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1191">actions/stale#1191</a></li> <li>Update <code>@types/jest</code> from 29.5.11 to 29.5.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1193">actions/stale#1193</a></li> <li>Update <code>@actions/cache</code> from 3.2.2 to 4.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/stale/pull/1194">actions/stale#1194</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Marukome0743"><code>@Marukome0743</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1116">actions/stale#1116</a></li> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/stale/pull/1179">actions/stale#1179</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/stale/compare/v9...v9.1.0">https://github.com/actions/stale/compare/v9...v9.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/stale/commit/5bef64f19d7facfb25b37b414482c7164d639639"><code>5bef64f</code></a> build(deps): bump <code>@actions/cache</code> from 3.2.2 to 4.0.0 (<a href="https://redirect.github.com/actions/stale/issues/1194">#1194</a>)</li> <li><a href="https://github.com/actions/stale/commit/fa77dfddd04682b7d96dbc4e016318e681fdc10e"><code>fa77dfd</code></a> build(deps-dev): bump <code>@types/jest</code> from 29.5.11 to 29.5.14 (<a href="https://redirect.github.com/actions/stale/issues/1193">#1193</a>)</li> <li><a href="https://github.com/actions/stale/commit/f04443dce335c74ba15c65f4cbb3688e6cb6a6ec"><code>f04443d</code></a> build(deps): bump <code>@actions/core</code> from 1.10.1 to 1.11.1 (<a href="https://redirect.github.com/actions/stale/issues/1191">#1191</a>)</li> <li><a href="https://github.com/actions/stale/commit/5c715b0513651880806e14d529f014b12fdd50eb"><code>5c715b0</code></a> build(deps-dev): bump ts-jest from 29.1.1 to 29.2.5 (<a href="https://redirect.github.com/actions/stale/issues/1175">#1175</a>)</li> <li><a href="https://github.com/actions/stale/commit/f69122271d990fd11f5594ccff2296f00ff59b49"><code>f691222</code></a> build(deps): bump actions/publish-action from 0.2.2 to 0.3.0 (<a href="https://redirect.github.com/actions/stale/issues/1147">#1147</a>)</li> <li><a href="https://github.com/actions/stale/commit/df990c2cf5ae92c90653c9485d6882a0a09feac7"><code>df990c2</code></a> build(deps): bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/actions/stale/issues/1091">#1091</a>)</li> <li><a href="https://github.com/actions/stale/commit/6e472ce44ab4197b0154601c59c54a75b73b340b"><code>6e472ce</code></a> Merge pull request <a href="https://redirect.github.com/actions/stale/issues/1179">#1179</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/stale/commit/d10ba64261d965f75165f74c55cd3ffbf690d442"><code>d10ba64</code></a> Merge pull request <a href="https://redirect.github.com/actions/stale/issues/1150">#1150</a> from actions/dependabot/npm_and_yarn/undici-5.28.4</li> <li><a href="https://github.com/actions/stale/commit/bbf3da5f64eebd003932d93293857400f7f7e18d"><code>bbf3da5</code></a> resolve check failures</li> <li><a href="https://github.com/actions/stale/commit/6a2e61d18b155e538f85ef1bf7bd0470775e9703"><code>6a2e61d</code></a> Add workflow file for publishing releases to immutable action package</li> <li>Additional commits viewable in <a href="https://github.com/actions/stale/compare/28ca1036281a5e5922ead5184a1bbf96e5fc984e...5bef64f19d7facfb25b37b414482c7164d639639">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-02-05 14:14:49 +00:00
dependabot[bot]	f8844cab0a	ci: bump the github-actions group with 4 updates (#16192 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Muhammad Atif Ali <atif@coder.com>	2025-01-21 15:31:30 +00:00
Muhammad Atif Ali	95d769da41	chore: ignore cherry-pick-bot created branches for Deploy PR (#16037 )	2025-01-04 16:55:43 +05:00
dependabot[bot]	9e78aaeea3	ci: bump the github-actions group with 3 updates (#15649 ) Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [github/codeql-action](https://github.com/github/codeql-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `step-security/harden-runner` from 2.10.1 to 2.10.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.2</h2> <h2>What's Changed</h2> <ol> <li> <p>Fixes low-severity command injection weaknesses The advisory is here: <a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p> </li> <li> <p>Bug fix to improve detection of whether Harden-Runner is running in a container</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/0080882f6c36860b6ba35c610c98ce87d4e2f26f"><code>0080882</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/476">#476</a> from step-security/rc-16</li> <li><a href="https://github.com/step-security/harden-runner/commit/4a3a88bbf8f2e304f84e1042472c02dce37eba82"><code>4a3a88b</code></a> Update dist</li> <li><a href="https://github.com/step-security/harden-runner/commit/556aae632a6c1f630efa52e90d706218618e5f2f"><code>556aae6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/480">#480</a> from h0x0er/jatin/cleanup</li> <li><a href="https://github.com/step-security/harden-runner/commit/6c39b8466160e86ad8606033d399fe7f4052aee1"><code>6c39b84</code></a> chore: clean the code</li> <li><a href="https://github.com/step-security/harden-runner/commit/40401cf6183a0ab2dae5c7e485c1d073fe911e91"><code>40401cf</code></a> Update for isdocker</li> <li><a href="https://github.com/step-security/harden-runner/commit/806ab1cccb47a439a89d5f8f85d3ea41a7fb1e4c"><code>806ab1c</code></a> Update check for isdocker</li> <li><a href="https://github.com/step-security/harden-runner/commit/28468118cdb665b2214b64175253b83fcb4b25f6"><code>2846811</code></a> update dist</li> <li><a href="https://github.com/step-security/harden-runner/commit/df8a07c1712fac199e8d6e78d64a46092afffa44"><code>df8a07c</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/475">#475</a> from h0x0er/fix-execSync</li> <li><a href="https://github.com/step-security/harden-runner/commit/30636fb583e59a926da2f17677e5cd3b63cf1be1"><code>30636fb</code></a> bug fixes</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/91182cccc01eb5e619899d80e4e971d6181294a7...0080882f6c36860b6ba35c610c98ce87d4e2f26f">compare view</a></li> </ul> </details> <br /> Updates `github/codeql-action` from 3.27.4 to 3.27.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.27.5</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>3.27.5 - 19 Nov 2024</h2> <p>No user facing changes.</p> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.27.5/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.27.5 - 19 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.4 - 14 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.3 - 12 Nov 2024</h2> <p>No user facing changes.</p> <h2>3.27.2 - 12 Nov 2024</h2> <ul> <li>Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". <a href="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li> </ul> <h2>3.27.1 - 08 Nov 2024</h2> <ul> <li>The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li> <li>Update default CodeQL bundle version to 2.19.3. <a href="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li> </ul> <h2>3.27.0 - 22 Oct 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.14.6. <a href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li> <li>Fix an issue where the <code>upload-sarif</code> Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the <code>upload-sarif</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li> <li>Update default CodeQL bundle version to 2.19.2. <a href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li> </ul> <h2>3.26.13 - 14 Oct 2024</h2> <p>No user facing changes.</p> <h2>3.26.12 - 07 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p> <ul> <li> <p>If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</p> </li> <li> <p>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace <code>github/codeql-action/@v3</code> by <code>github/codeql-action/@v3.26.11</code> and <code>github/codeql-action/@v2</code> by <code>github/codeql-action/@v2.26.11</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</p> </li> </ul> </li> </ul> <h2>3.26.11 - 03 Oct 2024</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/f09c1c0a94de965c15400f5634aa42fac8fb8f88"><code>f09c1c0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2616">#2616</a> from github/update-v3.27.5-a6c8729a5</li> <li><a href="https://github.com/github/codeql-action/commit/67b73eaba559c7e6913377065b0362ccbfc94e87"><code>67b73ea</code></a> Update changelog for v3.27.5</li> <li><a href="https://github.com/github/codeql-action/commit/a6c8729a5d7573eb8d440e52a9645ce4db61d97c"><code>a6c8729</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2614">#2614</a> from github/marcogario/per-platform-proxy</li> <li><a href="https://github.com/github/codeql-action/commit/8f3b48727ff1b076c28967a258b95fcee30a3a48"><code>8f3b487</code></a> Start-proxy: Fetch OS specific binary</li> <li><a href="https://github.com/github/codeql-action/commit/cba5fb58d4f85affaf03eb9da32f5b6c9d76838b"><code>cba5fb5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2613">#2613</a> from github/dependabot/npm_and_yarn/npm_and_yarn-018...</li> <li><a href="https://github.com/github/codeql-action/commit/e782c3a145d9946aba8fa390e406acbe4e4c05c5"><code>e782c3a</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2612">#2612</a> from github/angelapwen/report-linux-runner-release</li> <li><a href="https://github.com/github/codeql-action/commit/db6788195b646f87b3d1c616b0c14a6d5b7fa9a6"><code>db67881</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/ecde4d232d18cf2dba6c1a6b76810332abff736f"><code>ecde4d2</code></a> Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group</li> <li><a href="https://github.com/github/codeql-action/commit/e3c67a01d31d9c173ba5ffccc9d0f275540d99de"><code>e3c67a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2610">#2610</a> from github/dependabot/npm_and_yarn/npm-d2ca52e617</li> <li><a href="https://github.com/github/codeql-action/commit/f9ada54538b47b6db28c4d11f53848689968909e"><code>f9ada54</code></a> Telemetry: report OS release for GitHub-hosted Linux runners</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...f09c1c0a94de965c15400f5634aa42fac8fb8f88">compare view</a></li> </ul> </details> <br /> Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's releases</a>.</em></p> <blockquote> <h2>v0.29.0</h2> <h2>What's Changed</h2> <ul> <li>feat: Allow skipping setup by <a href="https://github.com/rvesse"><code>@rvesse</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li> <li>Fix oras command not found in "Update Trivy Cache" action by <a href="https://github.com/Tiryoh"><code>@Tiryoh</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li> <li>Update README.md by <a href="https://github.com/simar7"><code>@simar7</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/420">aquasecurity/trivy-action#420</a></li> <li>feat: add token for <code>setup-trivy</code> by <a href="https://github.com/DmitriyLewen"><code>@DmitriyLewen</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/421">aquasecurity/trivy-action#421</a></li> <li>fix: bump <code>setup-trivy</code> and add new <code>contrib</code> directory path info by <a href="https://github.com/DmitriyLewen"><code>@DmitriyLewen</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/424">aquasecurity/trivy-action#424</a></li> <li>docs: remove ignore-unfixed from IaC scan example by <a href="https://github.com/nikpivkin"><code>@nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/429">aquasecurity/trivy-action#429</a></li> <li>chore(deps): Bump trivy to v0.57.1 by <a href="https://github.com/simar7"><code>@simar7</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/434">aquasecurity/trivy-action#434</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/rvesse"><code>@rvesse</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li> <li><a href="https://github.com/Tiryoh"><code>@Tiryoh</code></a> made their first contribution in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0">https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/18f2510ee396bbf400402947b394f2dd8c87dbb0"><code>18f2510</code></a> chore(deps): Bump trivy to v0.57.1 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/434">#434</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/93941cebba762da4c91a91883859bf1bfb221c73"><code>93941ce</code></a> docs: remove ignore-unfixed from IaC scan example (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/429">#429</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/d2a392a13760cb64cb6bbd31d4bed2a7d9a5298d"><code>d2a392a</code></a> fix: bump <code>setup-trivy</code> and add new <code>contrib</code> directory path info (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/424">#424</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/ee8934673cc18947baf4b05c01c4100ff36648da"><code>ee89346</code></a> feat: add token for <code>setup-trivy</code> (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/421">#421</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/cf990b19d84bbbe1eb8833659989a7c1029132e3"><code>cf990b1</code></a> Update README.md (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/420">#420</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/bff40be51b9207cf8f2148d628a9836cc7370247"><code>bff40be</code></a> docs: Fix oras command not found (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/413">#413</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/fc1500abdcdc9fc681e98d8912a52fa70dbc67de"><code>fc1500a</code></a> feat: Allow skipping setup (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/414">#414</a>)</li> <li>See full diff in <a href="https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-11-26 16:24:10 +05:00
Muhammad Atif Ali	329e08686f	chore: improve PR deployments (#15430 )	2024-11-11 17:58:32 +05:00
Muhammad Atif Ali	076399b3bd	chore: correct typos and configure permissions in pr-deploy.yaml (#15372 )	2024-11-05 09:41:48 +05:00
Muhammad Atif Ali	065263a852	chore: update dependabot config and pin Docker images (#15194 )	2024-11-04 11:01:54 +05:00
Muhammad Atif Ali	afacb07140	chore: tighten GitHub workflow permissions (#15282 )	2024-10-30 16:17:42 +05:00
Joobi S B	7982ad7659	feat: expose premium trial form via CLI (#15054 ) This PR closes https://github.com/coder/coder/issues/14856	2024-10-29 13:02:20 +00:00
jatin	7f98fa3abb	chore: remove duplicated harden-runner step (#15127 )	2024-10-17 13:12:57 -05:00
Muhammad Atif Ali	8e254cbb07	chore: integrate step-security/harden-runner in workflows (#15099 ) Redoing #15097 Part of #14879	2024-10-16 11:23:00 -07:00
Muhammad Atif Ali	57a65c15bf	chore: use commit sha for GitHub actions (#15019 ) Use specific commit SHAs for GitHub actions across various workflows to enhance reliability and reproducibility. This change ensures that actions run against a known version, reducing the risk of unexpected issues due to updates in the third-party action repositories. This contributes to improving the score in #14879	2024-10-14 08:49:55 -07:00
Muhammad Atif Ali	c62512a8bb	chore: use base64 encoded kubeconfig for pr deployments (#13851 )	2024-07-09 14:24:43 +00:00
Muhammad Atif Ali	a123badccc	chore: use base64 encoded kubeconfig for pr deployments (#13849 )	2024-07-09 13:44:59 +00:00
Muhammad Atif Ali	136900268e	ci: migrate to depot.dev runners (#13467 )	2024-06-25 09:36:33 +03:00
dependabot[bot]	46d92dac57	ci: bump the github-actions group with 5 updates (#11890 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-30 00:38:59 +03:00
Garrett Delfosse	b21da38bea	chore: deprecate template create command in favor of template push (#11390 )	2024-01-05 21:04:14 +00:00
Kayla Washburn	97f7a35a47	feat: add light theme (#11266 )	2023-12-19 17:03:00 -07:00
Muhammad Atif Ali	45e9d93d37	chore: remove unused input from deploy-pr workflow (#11259 )	2023-12-18 17:32:53 +03:00
Muhammad Atif Ali	26e0d7580c	chore: avoid pushing `.terraform.lock.hcl` while creating the template (#9851 )	2023-09-25 15:13:32 +03:00
Muhammad Atif Ali	201a6c0c79	chore: remove extra condition from pr-deploy.yaml (#9788 )	2023-09-21 17:58:46 +03:00
Muhammad Atif Ali	b358e3d558	chore: fix permission for kubeconfig (#9768 )	2023-09-19 08:36:00 +00:00
dependabot[bot]	eb72866a29	ci: bump the github-actions group with 2 updates (#9722 ) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-18 11:15:56 +00:00

1 2

91 Commits