chore(deps): bump the github-actions group with 8 updates

[dependabot]

Bumps the github-actions group with 8 updates:

Package	From	To
toshimaru/auto-author-assign	2.0.1	2.1.0
actions/setup-node	3	4
chuhlomin/render-template	1.8	1.9
actions/setup-python	4	5
abatilo/actions-poetry	2	3
peter-evans/create-pull-request	5	6
pre-commit/action	3.0.0	3.0.1
actions/upload-artifact	3	4

Updates toshimaru/auto-author-assign from 2.0.1 to 2.1.0

Release notes

Sourced from toshimaru/auto-author-assign's releases.

v2.1.0

What's Changed

Dependencies

• build(deps): bump actions/setup-node from 3 to 4 by @​dependabot in toshimaru/auto-author-assign#101
• build(deps-dev): bump @​vercel/ncc from 0.38.0 to 0.38.1 by @​dependabot in toshimaru/auto-author-assign#100
• build(deps): bump @​actions/github from 5.1.1 to 6.0.0 by @​dependabot in toshimaru/auto-author-assign#99

Full Changelog: toshimaru/auto-author-assign@v2.0.1...v2.1.0

Changelog

Sourced from toshimaru/auto-author-assign's changelog.

2.1.0 (2024-01-17)

Commits

• ebd30f1 chore(release): 2.1.0
• fe944cf build(deps): bump @​actions/github from 5.1.1 to 6.0.0 (#99)
• 60a9f1a build(deps-dev): bump @​vercel/ncc from 0.38.0 to 0.38.1 (#100)
• 5a5d40b build(deps): bump actions/setup-node from 3 to 4 (#101)
• See full diff in compare view

Updates actions/setup-node from 3 to 4

Release notes

Sourced from actions/setup-node's releases.

v4.0.0

What's Changed

In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in actions/setup-node#866

Besides, release contains such changes as:

• Upgrade actions/checkout to v4 by @​gmembre-zenika in actions/setup-node#868
• Update actions/checkout for documentation and yaml by @​dmitry-shibanov in actions/setup-node#876

New Contributors

• @​gmembre-zenika made their first contribution in actions/setup-node#868

Full Changelog: actions/setup-node@v3...v4.0.0

v3.8.2

What's Changed

• Update semver by @​dmitry-shibanov in actions/setup-node#861
• Update temp directory creation by @​nikolai-laevskii in actions/setup-node#859
• Bump @​babel/traverse from 7.15.4 to 7.23.2 by @​dependabot in actions/setup-node#870
• Add notice about binaries not being updated yet by @​nikolai-laevskii in actions/setup-node#872
• Update toolkit cache and core by @​dmitry-shibanov and @​seongwon-privatenote in actions/setup-node#875

Full Changelog: actions/setup-node@v3...v3.8.2

v3.8.1

What's Changed

In scope of this release, the filter was removed within the cache-save step by @​dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.

Full Changelog: actions/setup-node@v3...v3.8.1

v3.8.0

What's Changed

Bug fixes:

• Add check for existing paths by @​dmitry-shibanov in actions/setup-node#803
• Resolve SymbolicLink by @​dmitry-shibanov in actions/setup-node#809
• Change passing logic for cache input by @​dmitry-shibanov in actions/setup-node#816
• Fix armv7 cache issue by @​louislam in actions/setup-node#794
• Update check-dist workflow name by @​sinchang in actions/setup-node#710

Feature implementations:

• feat: handling the case where "node" is used for tool-versions file. by @​xytis in actions/setup-node#812

Documentation changes:

• Refer to semver package name in README.md by @​olleolleolle in actions/setup-node#808

Update dependencies:

• Update toolkit cache to fix zstd by @​dmitry-shibanov in actions/setup-node#804
• Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-node#802
• Bump semver from 6.1.2 to 6.3.1 by @​dependabot in actions/setup-node#807

... (truncated)

Commits

• 60edb5d Add support for arm64 Windows (#927)
• d86ebcd Add support for volta.extends (#921)
• b39b52d Fix node-version-file interprets entire package.json as a version (#865)
• 7247617 Add package.json to node-version-file list of examples. (#879)
• f3ec4ca Fix README.md (#898)
• ec97f37 Add fix for cache (#917)
• 5ef044f Update reusable workflows to use Node.js v20 (#889)
• c45882a update to setup-node@v4 in docs (#884)
• ee36e8b Ignore engines check in Yarn 1 e2e-cache tests (#882)
• 8f152de Update actions/checkout for documentation and yaml (#876)
• Additional commits viewable in compare view

Updates chuhlomin/render-template from 1.8 to 1.9

Release notes

Sourced from chuhlomin/render-template's releases.

v1.9

What's Changed

• Fix multiplatform compatibility by @​pavlospt in chuhlomin/render-template#17

New Contributors

• @​pavlospt made their first contribution in chuhlomin/render-template#17

Full Changelog: chuhlomin/render-template@v1.8...v1.9

Commits

• a473db6 fix: build arm binary
• 7ee32fd Update image to v1.9
• 64d261a fix: multiplatform compatibility (#17)
• 0ca0022 feat(gha): add update-tag manual step
• 0c6afbd docs: update version in README: v1.8 → v1
• See full diff in compare view

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

• Trim python version when reading from file by @​FerranPares in actions/setup-python#628
• Use non-deprecated versions in examples by @​jeffwidman in actions/setup-python#724
• Change deprecation comment to past tense by @​jeffwidman in actions/setup-python#723
• Bump @​babel/traverse from 7.9.0 to 7.23.2 by @​dependabot in actions/setup-python#743
• advanced-usage.md: Encourage the use actions/checkout@v4 by @​cclauss in actions/setup-python#729
• Examples now use checkout@v4 by @​simonw in actions/setup-python#738
• Update actions/checkout to v4 by @​dmitry-shibanov in actions/setup-python#761

New Contributors

• @​FerranPares made their first contribution in actions/setup-python#628
• @​timfel made their first contribution in actions/setup-python#694
• @​jeffwidman made their first contribution in actions/setup-python#724

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-python#702
• Add range validation for toml files by @​dmitry-shibanov in actions/setup-python#726

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table> 

... (truncated)

Commits

• 0a5c615 Update action to node20 (#772)
• 0ae5836 Add example of GraalPy to docs (#773)
• b64ffca update actions/checkout to v4 (#761)
• 8d28961 Examples now use checkout@v4 (#738)
• 7bc6abb advanced-usage.md: Encourage the use actions/checkout@v4 (#729)
• e8111ce Bump @​babel/traverse from 7.9.0 to 7.23.2 (#743)
• a00ea43 add fix for graalpy ci (#741)
• 8635b1c Change deprecation comment to past tense (#723)
• f6cc428 Use non-deprecated versions in examples (#724)
• 5f2af21 Add GraalPy support (#694)
• Additional commits viewable in compare view

Updates abatilo/actions-poetry from 2 to 3

Release notes

Sourced from abatilo/actions-poetry's releases.

v3.0.0

3.0.0 (2024-1-11)

BREAKING CHANGE

Use pipx to isolate poetry (#63) (7b6d33e)

Functionality itself should expect to be the same but the affected virtualenv is different and people might have depended on this behavior so we're considering this a breaking change.

v2.4.0

2.4.0 (2023-12-29)

Features

• Add ability to install plugins as part of the action setup (#66) (a5643c6)

v2.3.0

2.3.0 (2023-02-24)

Features

• by default use the latest poetry version (#62) (192395c)

v2.2.0

2.2.0 (2022-11-26)

Features

• update default Poetry version to 1.2.2 (#57) (f295866)

v2.1.6

2.1.6 (2022-08-23)

Bug Fixes

• Updating default poetry version to 1.15 (#49) (0816ab2)

v2.1.5

2.1.5 (2022-06-26)

Bug Fixes

• quote versions to fix parsing errors (c1aba0c)

... (truncated)

Commits

• 7b6d33e feat!: use pipx to isolate poetry (#63)
• See full diff in compare view

Updates peter-evans/create-pull-request from 5 to 6

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.0

Behaviour changes

• The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
• On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

• Updated runtime to Node.js 20
  • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
• The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
• The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
• Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
• push-to-fork now supports pushing to sibling repositories in the same network.
• Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
• If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
• The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
• The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

• Update distribution by @​actions-bot in peter-evans/create-pull-request#2086
• fix crazy-max/ghaction-import-gp parameters by @​fharper in peter-evans/create-pull-request#2177
• Update distribution by @​actions-bot in peter-evans/create-pull-request#2364
• Use checkout v4 by @​okuramasafumi in peter-evans/create-pull-request#2521
• Note about delete-branch by @​dezren39 in peter-evans/create-pull-request#2631
• 98 dependency updates by @​dependabot

New Contributors

• @​fharper made their first contribution in peter-evans/create-pull-request#2177
• @​okuramasafumi made their first contribution in peter-evans/create-pull-request#2521
• @​dezren39 made their first contribution in peter-evans/create-pull-request#2631

Full Changelog: peter-evans/create-pull-request@v5.0.2...v6.0.0

Create Pull Request v5.0.2

⚙️ Fixes an issue that occurs when using push-to-fork and both base and head repositories are in the same org/user account.

What's Changed

• fix: specify head repo by @​peter-evans in peter-evans/create-pull-request#2044
• 20 dependency updates by @​dependabot

Full Changelog: peter-evans/create-pull-request@v5.0.1...v5.0.2

Create Pull Request v5.0.1

What's Changed

• fix: truncate body if exceeds max length by @​peter-evans in peter-evans/create-pull-request#1915
• 12 dependency updates by @​dependabot

Full Changelog: peter-evans/create-pull-request@v5.0.0...v5.0.1

Commits

• b1ddad2 feat: v6 (#2717)
• bb80902 build(deps-dev): bump @​types/node from 18.19.8 to 18.19.10 (#2712)
• e0037d4 build(deps): bump peter-evans/create-or-update-comment from 3 to 4 (#2702)
• 94b1f99 build(deps): bump peter-evans/find-comment from 2 to 3 (#2703)
• 69c27ea build(deps-dev): bump ts-jest from 29.1.1 to 29.1.2 (#2685)
• 7ea722a build(deps-dev): bump prettier from 3.2.2 to 3.2.4 (#2684)
• 5ee839a build(deps-dev): bump @​types/node from 18.19.7 to 18.19.8 (#2683)
• 60fc256 build(deps-dev): bump eslint-plugin-prettier from 5.1.2 to 5.1.3 (#2660)
• 0c67723 build(deps-dev): bump @​types/node from 18.19.5 to 18.19.7 (#2661)
• 4e288e8 build(deps-dev): bump prettier from 3.1.1 to 3.2.2 (#2659)
• Additional commits viewable in compare view

Updates pre-commit/action from 3.0.0 to 3.0.1

Release notes

Sourced from pre-commit/action's releases.

pre-commit/[email protected]

Misc

• Update actions/cache to v4
  • #190 PR by @​SukiCZ.
  • #189 issue by @​bakerkj.

Commits

• 2c7b380 v3.0.1
• 8e2deeb Merge pull request #190 from SukiCZ/upgrade-action/cache-v4
• 0dbc303 Upgrade action/cache to v4. Fixes: #189
• c7d159c Merge pull request #185 from pre-commit/asottile-patch-1
• 9dd4237 fix main badge
• 37faf8a Merge pull request #184 from pre-commit/pre-commit-ci-update-config
• 049686e [pre-commit.ci] pre-commit autoupdate
• 5f528da move back to maintenance-only
• efd3bcf Merge pull request #170 from pre-commit/pre-commit-ci-update-config
• df308c7 [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates actions/upload-artifact from 3 to 4

Release notes

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

1. The changelog post.
2. The README.
3. The migration documentation.
4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

• @​vmjoseph made their first contribution in actions/upload-artifact#464

Full Changelog: actions/upload-artifact@v3...v4.0.0

v3.1.3

What's Changed

• chore(github): remove trailing whitespaces by @​ljmf00 in actions/upload-artifact#313
• Bump @​actions/artifact version to v1.1.2 by @​bethanyj28 in actions/upload-artifact#436

Full Changelog: actions/upload-artifact@v3...v3.1.3

v3.1.2

• Update all @actions/* NPM packages to their latest versions- #374
• Update all dev dependencies to their most recent versions - #375

v3.1.1

• Update actions/core package to latest version to remove set-output deprecation warning #351

v3.1.0

What's Changed

• Bump @​actions/artifact to v1.1.0 (actions/upload-artifact#327)
  • Adds checksum headers on artifact upload (actions/toolkit#1095) (actions/toolkit#1063)

Commits

• 5d5d22a Merge pull request #515 from actions/eggyhead/update-artifact-v2.1.1
• f1e993d update artifact license
• 4881bfd updating dist:
• a30777e @​eggyhead
• 3a80482 Merge pull request #511 from actions/robherley/migration-docs-typo
• 9d63e3f Merge branch 'main' into robherley/migration-docs-typo
• dfa1ab2 fix typo with v3 artifact downloads in migration guide
• d00351b Merge pull request #509 from markmssd/patch-1
• 707f5a7 Update limitation of 10 artifacts upload to 500
• 26f96df Merge pull request #505 from actions/robherley/merge-artifacts
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

🦋 Changeset detected

Latest commit: 61b1be4

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
arcane-scripts	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR